Identity and Access Management Compliance

Overview

Identity Management Institute® (IMI) has developed comprehensive Identity and Access Management (IAM) compliance services including program audit and certification.

Program Compliance Services

Certified IMI members can assist companies with the audit and certification of their compliance programs with any of the following services:

  • Conduct a comprehensive assessment of the compliance program,
  • Recommend improvement opportunities,
  • Complete the audit and certify the program, and
  • Offer training assistance.

Scope

The compliance programs for which companies may be interested to engage an independent organization to audit and certify include:

  • Privacy
  • Customer Identification Program (CIP)
  • Information Security and Access Management
  • Know Your Customer (KYC) – Account Monitoring
  • Suspicious Activity Reporting
  • Consumer Credit and Agency Reporting
  • Identity Theft Prevention Program (Red Flags Rule)

Benefits

A focused IAM compliance audit and certification has many benefits including the independent validation of the program completeness and effectiveness as well as the identification of improvement opportunities in the company’s compliance program by a recognized global leader in identity management. Benefits of a compliance program audit and certification include:

  • Ensure completeness and efficiency of the compliance program
  • Higher compliance confidence by the company and outsiders
  • Validation of access controls and user access
  • Improved customer satisfaction and loyalty
  • Improved customer identification process and privacy
  • Reduced risks of fraud and unauthorized access
  • Enhanced corporate status and competitive advantage
  • Lower insurance premiums
  • Lower chance of government audits
  • Preparation for regulatory agency audits

Compliance Service Levels

IMI offers compliance program services for organizations which might be in various stages of their IAM compliance program implementation:

1) Development – For organizations which have not yet developed an identity compliance program, certified IMI members will work with company management and staff to guide them through the development stage by providing the necessary checklists, templates and guidance.

2) Pre-Assessment – For organizations which have developed a compliance program but need an independent assessment of their program before a certification audit, IMI offers a pre-assessment service which will review the program documentation and provide management with a list of actionable steps ensuring a complete compliance program.

3) Certification – Organizations which have a compliance program in place and feel that their program is complete and ready for a certification audit, can engage IMI to complete an audit and certify their program.

Auditor Accreditation Process

Interested audit organization may register with IMI and become an approved certification body to audit identity and access compliance programs. Accreditation ensures that registered certification bodies follow a pre-approved audit and certification approach designed by IMI. By joining IMI, registered audit organizations will gain the confidence of their clients and receive referrals by being listed on IMI website as registered auditors.

Accreditation requirements include active membership and professional certification by audit staff and managers.

Contact Us

Please contact IMI to discuss your identity and access compliance needs and application process for certification or accreditation. Please submit your inquiry.