Identity & Access Governance - Finance Industry

  • TYPE: Combined Session DATE: Wednesday, April 18, 2012 TIME: 14:00-15:00 LOCATION: Auditorium


After integration of Dresdner Bank, which was completed successfully in spring 2011, a new IAM (Identity & Access Management) governance model has been set up and implemented. Components of this model are governance structures and responsibilities (including processes and raci-matrix); a recertification process for critical application on a risk based assessment and the design and implementation of a new workflow tool for the requesting and approval of access rights.

After having completed the roll-out of the new governance structures and responsibilities in 2011, as well as the first recertification tranche and POC (prof of concept) for the new workflow tool, the scope for 2012 is the implementation of the workflow tool, further recertification activities and sustainable implementation of the new IAM governance.


Academic Studies of economics at Helmut Schmidt University of the Federal Armed Forces in Hamburg (Dipl.-Volkswirt) and of business management at distance university Hagen (Dipl.-Kaufmann). Officer of carrer at the Federal Armed Forces of Germany, in the last position as S6-Officer responsible...

In May 2010, Munich Re started a project to define, coordinate and establish compliant, sustainable and efficient IAM processes and policies based on best practices; to provide matching and appropriate IT support for the IAM processes to enhance efficiency and to provide reliable data on Digital Identities.
The Quest One Identity Manager (Quest OIM – former Voelcker ActiveEntry V4.2) was implemented and customized to fit into Munich Re’s IAM architecture. One of the main additions to Quest OIM was the introduction of a Master-/Sub-Identity Model which e.g. allows requesting entitlements for each account of a Digital Identity independently. The Master-/Sub-Identity Model was adopted for standard Quest OIM in a generalized form.
Up to date about 17.000 Digital Identities with several assigned accounts are managed, IAM functions, e.g. requesting entitlements, password reset, are implemented for more than eleven 70 SAP clients and 87 dotNet applications, and more than 20.000 entitlements can be requested via Quest OIM.
One of the major challenges in the project was to design and implement an efficient process to define and manage those entitlements from the huge list of SAP roles and AD groups which should be made available for requesting/approving by the users via Quest OIM.
This session will show the results, best practices and lessons learned in the Munich Re IAM project and from the first year of operation of the IAM tool and will be presented by Munich Re’s IAM project manager, Wolfgang Zwerch.


Wolfgang Zwerch was born 1971 and studied computer science at the university of applied science in Augsburg. He has experience in different areas of IT for more than 18 years. Before joining Munich Re he worked for CSC as an IT Security and Identity Management leading consultant for nearly 10...

Watch videos:  
Log in to download presentations:  


Session Links


European Identity & Cloud Conference 2012

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • Apr 17 - 20, 2012 Munich, Germany