Identity & Access Management Remediation

Case Study

Customer Challenge

A leading Tier-1 bank identified significant gaps and deficiencies in the design, implementation, and operation of key procedural controls for identity and access management. A program was established to address the issues, and multiple remediation workstreams were initiated to reduce the risk of privileged and inappropriate access to infrastructure. While the immediate issues and basic remediation options were operationally understood, it was recognized that a sustainable approach and new strategy for the management of access rights was required to realise successful long-term risk reduction.

How Citihub Helped

Citihub was retained to lead and execute several projects and provide the expertise necessary to help achieve the program’s objectives. A highly skilled team of security architects, experienced project managers, and domain business analysts and SMEs were engaged across a diverse stakeholder group (including IT Security, CTO, Architecture, Risk & Compliance, Infrastructure, Application Development, Operations, and Audit).

The team executed a basket of projects to realise near-term risk reduction benefits across audited key procedural controls in four areas of critical concern: segregation of duties, highly privileged users, temporary privileged access, and management of technical (non-user) accounts. Existing control processes were analysed and remediated, and new processes were designed and implemented, resulting in the downgrade/closure of several high-visibility operational risk issues.

Citihub also defined, mobilised and executed a project to design and deliver a centralised access management controls assurance service providing improved transparency on the effectiveness of access management controls as well as governance and tracking around the remediation of control violations. Working closely to meet the needs of 1st and 2nd lines of defence, the service directly supported the quarterly internal controls assessment process for onboarded controls. Additionally, Citihub led the program’s flagship project to define a new end-to-end future-state strategy for access management. The target operating model addressed control gaps strategically by considering the full lifecycle of infrastructure entitlements from request & approval through to provisioning and removal. It also encompassed supporting processes such as re-certification and reconciliation. Controls were embedded in the processes, including upstream and downstream dependent activities such as Joiner, Mover, and Leaver processes.

Results

Near-term risk reduction benefits

  • Control deficiencies closed or mitigated on existing control processes
  • Increased frequency and timeliness of control violation reporting
  • Several high visibility operational risk issues closed or downgraded
  • Drove significant reductions in outstanding control violations

Sustainable control effectiveness

  • Increased automation and reliability across control operational process areas
  • Reduced risk exposure window between the occurrence of a violation and its detection
  • Increased transparency around control effectiveness
  • Governance and oversight of control processes and violation remediation tracking
  • Ability to correlate data across multiple sources to enhance detection of interrelated violations
