• Home
  • Blog
  • RPA Identity Governance

Identity Governance of RPA Software Robots

RPA has great potential to speed up processes and make businesses more profitable. The technology also has a downside, unfortunately. Without proper controls, RPA could be a vector of fraud.

Before jumping into software robot (bot) credentials, it might be useful to discuss a few terms and processes associated with a typical industry-standard Identity Governance and Administration (IGA) system / enterprise function. In an IGA framework, there are two major types of identities – User identities and Service Accounts/Identities. In terms of User Identity, every user has a role e.g. Manager, Analyst, Accounts Payable clerk, etc. These roles are many times separated into two tiers – Business role and Technical role. Differences between these two tiers is out of the scope of this paper. Roles organize people by their business function and user-based attributes to solve questions of what users should have access to because of who they are or what they need or might have an option to request without additional approval. Each role may have one or more entitlements inside applications. Entitlements encapsulate the set of privileges/authorizations needed to perform a specific action inside an application. For example, an accounts payable clerk will have the entitlement to create refund checks in the financial application, view invoices and approve them for validity if they match the Purchase Order in the procure to pay module or the entitlement to view invoices in the invoicing system.

Continue Reading