Call us: +01 732 778 3569

Identity Governance Mini-Case Study

1      Introduction

This mini-case study provides an overview of how CTI successfully partnered with CIT Financial to implement an advanced Identity Governance solution that met with its requirements for improved certification and remediation processes, strengthened security and compliance, and lowered costs.

2      Customer Profile

Founded in 1908, CIT (NYSE: CIT) is a bank holding company with more than $33 billion in finance and leasing assets. A member of the Fortune 500, it provides financing and leasing capital to its small business and middle market clients and their customers across more than 30 industries. CIT maintains leadership positions in small business and middle market lending, factoring, retail finance, aerospace, equipment and rail leasing, and global vendor finance.

3      Customer Needs

CIT has embarked on a new Identity Access strategy to meet the more stringent guidelines of the banking industry, centralize user data and authentication and organize its current security infrastructure. The goals are to discover, analyze and possibly remediate Identity and access issues such as multiple user logins, password management, separation-of-duties, provisioning and de-provisioning. More importantly, they will address the current antiquated and cumbersome certification process (Application Certification Life Cycle – ACLC) that is inconsistent amongst applications. Lastly, changes to the current ACLC process are necessary to meet future requirements of both internal and external audits.

CIT will implement the SailPoint IIQ governance, compliance and provisioning tool to discover and resolve the issues mentioned above. Initially, the tool will be used to organize and analyze user data, roles and permissions. Each application integrated into IIQ is scheduled for a new certification process done within IIQ so that the next certification cycle can leverage IIQ’s simplicity and consistency.  Strategic initiatives include full enterprise provisioning, data merge capabilities and lifecycle management.

Solution Provided by CTI

SailPoint IIQ offers on-demand visibility into “who has access to what” so that enterprises can address compliance mandates and governance requirements across the most complex IT and business environments. Its centralized intelligence and risk-based approach to managing user access provides transparency and strengthens controls. IIQ automates access certifications, policy enforcement, and the end-to-end access request and fulfillment process.

CTI partnered with SailPoint to help CIT plan for the controlled introduction of the IIQ product and provided hands-on engineering services to successfully implement the product. CTI also provided CIT with ongoing support during a subsequent audit period.

More specifically, during a Phase 1 of the project, CTI provided CIT with specialized professional services during several important stages, including:

    • Requirements Analysis and Design.
    • Aggregation of high priority applications and multiple authoritative sources.
    • Scheduling and planning of application integration and testing.
    • Installation and Roll-out of production and test environments.
    • Versioning and Source repository.
    • Report generation and support for first ACLC cycle.
    • Complex ACLC requirements and scripting for delegation rules to conditionally route certifications to approvers and data owners.
    • IIQ Integration to an internal application inventory datastores to automate workgroup management.

 

For Phase 2, CTI provided CIT with specialized professional services for more advanced deliverables such as:

    • Requirements Analysis and Design for the Lifecycle Manager component for workflows, user provisioning, and group\role management.
    • Implementation of data synchronization between IIQ and the authoritative sources to improve data integrity.
    • Custom data access and transform applications to utilize the IIQ datastores to for internal CIT downstream applications.

Benefits to Customer

The solutions implemented and supported by CTI Professional Services resulted in an excellent return on investment (ROI) and many specific benefits to CIT, including:

    • Replacement of the current manual user access certification processes
    • Centralized, enterprise-wide repository of identity governance information, defining who has access to what.
    • Repeatable and auditable certification processes, which are extensible enough to facilitate future requirements.
    • Better data integration, increased security, higher efficiency and lower costs.
    • User provisioning, password management, group management and Workflow capabilities.
    • Data cleansing and synchronization.

Conclusion

With its 12+ years of experience, CTI is a reliable Identity Governance solution provider that is successfully assisting CIT globally to meet its needs for improving compliancy and audit processes. By improving on the inefficient non-standard certification process and organizing its user information, CIT is reaping the benefits of the unique SailPoint product and CTI’s services and expertise.

More importantly, this success has been the catalyst and foundation for subsequent projects utilizing the provisioning components of IIQ; the Lifecycle Manager, user management and data synchronization.  SailPoint IIQ, combined with CTI expert-level professional services, has provided CIT with an excellent return-on-investment.

CTI helps customers solve their Identity challenges through advisory services and assessments, focused IAM projects, support services, and staff augmentation.

Contact Info

Connect with us

© 2025 · CTI Global
Privacy Policy

Type and press Enter to search