iValue Center of Excellence
Your Technology. Proven. Positioned. Sold.
• Sell outcomes, not features
IAM Upsell Stack with Controls
Leverage pre-built Identity and Access Management (IAM) stack controls to demonstrate secure access, compliance, and governance in real-world enterprise scenarios.
| # | IDAM Control Area | Consolidated Requirement | CERT-In | RBI | SEBI CSCRF | IRDAI | DPDP | NCIIPC | Technology | iValue Stack Required (Multi-Stack by Design) |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Identity Uniqueness | Unique identity, no shared IDs | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | IDAM | RSA / OpenText NetIQ / Entrust IDaaS |
| 2 | Central Identity Repository | Central IAM / directory | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | RSA / NetIQ / Entrust |
| 3 | Identity Lifecycle (JML) | Joiner–Mover–Leaver | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | RSA / NetIQ |
| 4 | Strong Authentication | Secure authentication mechanisms | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | IDAM + RSA / Entrust + Yubico |
| 5 | Multi-Factor Authentication | MFA for admins, remote, cloud | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | MFA | Yubico (mandatory) |
| 6 | Adaptive / Risk Auth | Context-based access | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | UEBA | Gurucul (risk signals feeding IAM) |
| 7 | Password Policy | Complexity & rotation | ✅ | ✅ | ✅ | ✅ | ⬜ | ⬜ | IDAM | RSA / NetIQ |
| 8 | RBAC | Role-based access | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | RSA / NetIQ |
| 9 | Least Privilege | Minimum required access | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | IDAM | IDAM + RSA + CyberArk / ARCON |
| 10 | Segregation of Duties | Maker-Checker, Admin-Auditor | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | IDAM | IDAM + RSA / NetIQ + CyberArk |
| 11 | Privileged Account Discovery | Identify privileged identities | ✅ | ✅ | ✅ | ⬜ | ⬜ | ✅ | ITDR | ITDR: Tenable.AD |
| 12 | Privileged Access Control | JIT, approvals | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | PAM | CyberArk / ARCON |
| 13 | Privileged Session Monitoring | Record privileged actions | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | PAM | PAM + CyberArk + Chronicle / Splunk |
| 14 | Credential Rotation | Rotate admin & service creds | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | PAM | CyberArk / ARCON |
| 15 | Dormant Accounts | Disable inactive IDs | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | IDAM + ITDR: RSA + Tenable.AD |
| 16 | Access Reviews | Periodic certification | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ⬜ | IDAM | RSA / NetIQ |
| 17 | Third-Party Access | Time-bound vendor access | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | IDAM + PAM + RSA + CyberArk + Yubico |
| 18 | Service / Machine IDs | Secure non-human identities | ⬜ | ✅ | ⬜ | ⬜ | ⬜ | ✅ | PAM | PAM + ITDR: CyberArk + Tenable.AD |
| 19 | Auth Event Logging | Log all auth events | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | SIEM | Google Chronicle / Splunk / ArcSight |
| 20 | Privileged Activity Logging | Log admin actions | ✅ | ✅ | ✅ | ⬜ | ⬜ | ✅ | SIEM | SIEM + Chronicle + CyberArk |
| 21 | Log Retention | Retention per mandate | ✅ | ⬜ | ⬜ | ⬜ | ⬜ | ⬜ | SIEM | Chronicle / ArcSight |
| 22 | Identity Threat Detection | Detect misuse, escalation | ⬜ | ✅ | ✅ | ⬜ | ⬜ | ✅ | UEBA | UEBA + ITDR: Gurucul + Tenable.AD |
| 23 | Incident Access Revocation | Kill compromised identity | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | IDAM + RSA + CyberArk |
| 24 | Data Access Governance | Need-to-know data access | ⬜ | ⬜ | ⬜ | ⬜ | ✅ | ⬜ | IDAM | IDAM + UEBA + RSA + Gurucul + Chronicle |
| 25 | Audit Evidence | Evidence for audits | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | SIEM | SIEM + IAM Logs: Chronicle / Splunk |
| 26 | IAM Governance | Policies & oversight | ✅ | ✅ | ✅ | ✅ | ⬜ | ✅ | IDAM | IDAM + GRC workflows (process-driven) |