Remediate Your Segregation of Duty (SOD) for Workday


Gain Granular Visibility into Workday Access

Saviynt + Workday

Saviynt AccessInsightTM for Workday provides much desired visibility and visualization of Workday access. With one-click integration to Workday, Saviynt analyzes Workday access hierarchy and maps out complex inherited relationships between Domains, Business Process, Security Groups, Organization Types, Positions, Roles, Actions and Policies. The access model can then be easily leveraged for reporting on ‘who has access to what?’ and comprehensive access life management.

Remediate and Prevent Segregation of Duty (SOD) Violations with Ready2Go Ruleset

Remediate and Prevent Segregation of Duty (SOD) Violations with Ready2Go Ruleset

The only industry solution to provide out-of-box SOD rulesets for Workday HR and Finance business processes. Saviynt automatically identifies SOD violations at granular access level. In addition, Saviynt offers a comprehensive SOD remediation workbench including ability to prioritize SOD violations, apply and maintain mitigating controls and monitor transaction logs. SOD violation simulation is also integrated with Saviynt Access Request System to proactively prevent violations from occurring and enabling workflow approvers to make informed decisions.

Saviynt Workday Solution Capabilities

SOD Management:

  • Evaluate SOD violations across multiple Cloud and
    Enterprise applications
  • Dashboard to easily manage and monitor risks
  • Investigation workbench with actual vs. potential classification
  • Simulate various remediation scenarios and assess the impact

Automated Role Design and Management:

  • Simplified access governance with support to hierarchical roles
  • Statistical and heuristic algorithms to identify roles
  • Comprehensive role life-cycle management with history & versioning
  • Usage analytics to make intelligent decisions for role mining

Continuous Controls:

  • Out of the box Controls and a framework to build custom controls
  • Continuously monitor for risk levels and send alerts based on threshold
  • Multiple dashboards that serve different actors

Automated User Management:

  • Integration with Workday HRMS to orchestrate identity lifecycle processes
  • Request based provisioning of granular access to other Workday modules
  • Policy and compliance checks to prevent SOD violations
  • Advanced recommendations based on inlier and outlier analysis

Access Certification:

  • Launch risk based access certification for users, roles and entitlements
  • Detect policy violations during access review and take corrective action
  • Recommendations based on usage analytics and peer group analysis

Emergency Access Management:

  • Visibility into privileged users across your environment
  • Manage time-bound access to privileged users
  • Monitor user activity and automate access review

Manage and Monitor Privileged and Emergency Access to Workday

One of the key risks an organization faces today is Privilege Access compromise. Designed grounds-up with security in mind, Saviynt provides timed access to privileged roles (check-out/in), optional step-up authentication, flexible approval workflows and session activity monitoring. Saviynt’s approach of granting privileged access via ‘roles’ instead of ‘shared accounts’ eliminates the need for password vaulting and intrusive redirection via session gateway. More importantly, it improves the correlation of user activity as end user’s regular account remains unchanged through entire privileged access session. The session activity can then be evaluated by Saviynt’s Risk Insight – user behavior analytics engine to determine anomalous activity.

‘Stay clean’ with risk-based access review and request processes

Only way an organization can maintain its security posture is with continuous compliance and automated identity administration processes. Saviynt taps into one or more authoritative systems and automates access provisioning / revocation to Workday modules. Saviynt can also detect lifecycle events such as transfers and contractor to employee change to trigger micro-certifications / access review. Saviynt can also identify risky user access with its AccessInsightTM analytics and drive higher effectiveness of certification. In addition, Saviynt provides an intuitive and intelligent access request system to ensure all access to Workday is reviewed and approved prior to being provisioned.