SailPoint Identity Security implementation and management — IGA

About the service

Assertiva SA provides professional consulting, implementation, and support services for SailPoint, the leading Identity Security platform for enterprise IGA. SailPoint's identity-first approach enables organizations to integrate governance directly into the identity lifecycle — automating access provisioning, certification, and policy enforcement across all identity types: employees, contractors, non-human accounts, and AI agents. This allows IT, security, and compliance teams to operate with confidence while reducing manual overhead, mitigating access risk, and meeting regulatory requirements at scale.

Scope and deliverables

• Assessment of the current identity landscape: Identification of applications, systems, data sources, accounts, entitlements, access policies, governance gaps, orphan accounts, toxic access combinations, and compliance risks.

• IGA implementation roadmap design: Definition of deployment phases, connector priorities, governance model, organizational mapping, and success metrics aligned with business, risk, and compliance objectives.

• Platform deployment and configuration: Implementation of SailPoint Identity Security Cloud (SaaS) or IdentityIQ (on-premises), including tenant setup, infrastructure configuration, and baseline hardening.

• Identity data onboarding and migration: Import, cleansing, validation, and migration of identities, entitlements, and roles from legacy IAM systems or flat files.

• Integration with authoritative sources: Connection of HR systems such as SAP, Workday, and Oracle HCM as sources of truth for identity lifecycle events.

• Enterprise directory and productivity platform connectors: Integration with Active Directory, Microsoft Entra ID (Azure AD), Exchange, Microsoft 365, and Google Workspace, including aggregation, provisioning, deprovisioning, group and license management, and entitlement governance.

• Custom connectors and integrations: Development of connectors for custom, legacy, or niche applications, including REST, SOAP, JSON/XML, OAuth 2.0, token-based authentication, pagination, SCIM 2.0, and custom lifecycle logic.

• ITSM platform synchronization: Integration with ServiceNow, Jira, and BMC Helix for ticket automation, access fulfillment, workflow synchronization, and traceability.

• Lifecycle management: Automated joiner, mover, and leaver processes driven by HR events.

• IdentityIQ to Identity Security Cloud migration: Assessment, planning, redesign of rules and customizations, migration of connectors, roles, policies, certifications, validation, and decommissioning of legacy environments using SailPoint migration tools.

• Access request management: Self-service access requests, approval workflows, SLA enforcement, and ITSM integration.

• Access certification campaigns: Periodic and event-driven reviews of users, roles, entitlements, and privileged accounts.

• Role management: Role discovery, modeling, and mining to simplify governance and reduce entitlement sprawl.

• Segregation of Duties (SoD) policies: Definition, enforcement, violation detection, and remediation workflows.

• Password management: Self-service reset, synchronization, and policy enforcement.

• Non-Employee Risk Management (NERM): Governance of contractors, vendors, and partners, including onboarding, risk scoring, lifecycle management, and offboarding.

• Cloud Infrastructure Entitlement Management (CIEM): Governance of AWS, Azure, and GCP entitlements, identifying excessive permissions and misconfigurations.

• Data Access Security: Governance of unstructured data access, sensitive data visibility, toxic access detection, and certification campaigns.

• Workflow automation: No-code workflows for provisioning, notifications, escalations, and orchestration.

• AI-driven identity recommendations: Access recommendations, outlier detection, peer analysis, and role suggestions.

• Compliance and audit reporting: Dashboards, audit trails, and reports aligned with SOX, ISO 27001, and internal policies.

• Remediation strategy: Roadmaps and workshops to address access risks and governance gaps.

• Knowledge transfer: Training for IT, security, and compliance teams.

• Technical documentation: Connector inventory, workflows, architecture, and operational runbooks.

• Support and incident management: Incident resolution, root cause analysis, configuration fixes, health checks, optimization recommendations, and ongoing advisory services.

Why Assertiva S.A.

At Assertiva S.A., we combine specialized IAM and cybersecurity expertise with more than 19 years of experience across Latin America and the Caribbean. We support clients from assessment and architecture through implementation, training, maintenance, and ongoing support, delivering tailored engagements aligned with identity governance best practices and compliance requirements.