Case Study: ABN AMRO Group achieves risk-based identity governance and stronger access controls with SailPoint Technologies

Risk Model Moves into Identity

ABN AMRO, the global banking group, faced a common identity-management challenge: a patchwork of legacy systems and uneven access controls amplified by growth and acquisitions, compliance pressures, and costly, never-ending projects that failed to address real security risks. In 2006 the bank recognized it needed a more strategic approach to identify where access to sensitive data mattered most and where its controls were weakest.

ABN AMRO adopted a risk-based identity management strategy, working with PwC to map risks and prioritize controls and using targeted automation and tools (including solutions from SailPoint) where they offered the most value. By dedicating the first year to process and access reviews and the second to implementing prioritized controls and risk analysis for critical applications, the bank advanced more quickly, gained clearer, enterprise-wide reporting and dashboards for compliance, and focused investments on areas that reduce the greatest information-risk exposure.

ABN AMRO Group

Paulo Martins

Enterprise Identity and access Manager