PwC helps a large retailer cut costs with an updated provisioning and user-entitlement system.
A large retail and consumer products company needed to update its employee provisioning and user-entitlement certification systems to better ensure accuracy and regulatory compliance. Under its existing system, the manual provisioning and quarterly user-entitlement certification were time-consuming, inefficient, and prone to inaccuracies. The retailer, which operates more than 1,000 stores in the US, needed to lower costs and strengthen regulatory and internal compliance through a centralized Identity Management (IM) solution. Yet the company lacked expertise in the processes and underlying technology architecture to efficiently implement a mature IM solution.
The retailer selected Oracle Identity Manager (OIM) 11g and Oracle Identity Analytics (OIA) 11g to build a complete IM system. The company engaged PwC to assist with the design and deployment of OIM 11g and OIA 11g, and architect an IM infrastructure that would fully integrate with its Enterprise Resource Planning (ERP) system. Drawing upon more than 100,000 hours of hands-on experience in IM architecture and implementation, we designed, tested, and deployed a shared infrastructure to address the retailer’s complex needs. We also developed processes to test the implementation, and trained the company’s staff in best practices for deployment and operational support.
The new shared IM infrastructure is enabling the company to automate 80 percent of user access requests, a substantial improvement over its previous 100 percent manual processes. To date, we have on-boarded 150 applications and systems across multiple data systems, and enabled automated recertification for more than one million user accounts. As a result, the retailer now has state-of-the-art automated control over user access and certification, while the costs to provide access control, user management, and provisions have been significantly reduced. The implementation also enables the retailer to more cost-effectively manage regulatory requirements and internal security policies.