Commercial Vehicle Group cuts user access reviews from months to weeks and achieves regulatory compliance with automated identity and access management.
For Commercial Vehicle Group, effective monitoring of IT user access is absolutely critical. The company, which supplies products and systems for commercial vehicles and heavy-duty trucks across the globe, must ensure that the right employees have access to the right information in the organization’s 13 enterprise resource planning (ERP) systems. Ensuring the right access plays an essential role in the company’s ability to comply with Sarbanes-Oxley Act (SOX) requirements for safeguarding data. “We need to be ready when external auditors review our IT general controls each year,” says Melissa Bowhers, senior IT compliance analyst for Commercial Vehicle Group. “They review anything from our user access and de-provisioning to elevated privilege accounts and password requirements.”
Although the organization had formal processes for managing user access compliance, these processes were manual and inefficient. For example, the user access review process required system admins to extract data from their systems and then it was imported into 39 different spreadsheets. As a result, there was no easy way to identify user access changes.
Commercial Vehicle Group chose to implement Identity Manager, an identity and access management solution that streamlines the management of user identities and access privileges. Using Identity Manager, Commercial Vehicle Group can automate account creations, assign access, and unify identities, passwords, and directories using enhanced management capabilities