Does your systems access matter to you? It does to us. We’re the Identity and Access Management (IAM) Team. Many of you may not have heard of us, we are the team that delivers your access, predominately to regulated applications like Polar, Oracle, CORe, MXP, the Banks and Mistral. We make sure that you have the right access, to the right system, at the right time. We also periodically review your access with Senior Leaders to ensure you have the right level of access to do your job.
Why is Identity Access Management important?
If you read or follow the news and see the latest cyber security threats, risks or data breaches, we’re one of the security teams preventing that happening to Carnival UK. We’re a control function, it doesn’t sound very exciting, does it? Luckily, it does to us, and we’re here to protect the company from these types of threats. We want to enable the business to carry out their functions in a compliant, risk-free manner that won’t comprise our systems.
We’re in the throes of delivering new automation using a product called Sailpoint IdentityNow or (IDN for short) which will make your working life easier and simpler.
SailPoint IDN is coming – so what is it? It’s a cloud-enabled tool that brings automation to Identity Security. It means we can better manage access to applications, knowing who has access to what, and we can run automated access reviews at the touch of a button. Ultimately it will increase our productivity and will make Carnival UK more secure.
What will the introduction of SailPoint IDN mean for Line Managers? Currently user access certifications are performed by Senior Leaders. However, for Shoreside SOX applications, responsibility of access reviews will be transferring to Line Managers who are more aware of their direct report’s access needs.
What are the benefits? For the majority of people, the benefits may not be transparent immediately. There will be greater efficiencies with access requests and users can be productive from day 1 on their employment journey. As we embed the tool and bring in more enhancements, there will be greater benefits to users.
Meet the IAM Team
Sue Still: – Manager, Identity & Access Management:
I have the privilege of people managing the IAM Team, and what a great team they are, I can certainly say they make my job easier. I’ve been with Carnival UK for 4 years and it’s been an exciting journey to say the least. Aside from my people management responsibilities, I oversee our controls in the form of user access reviews and transactional controls like leavers ensuring we adhere to our policies, standards and procedures. I also drive improvements to our area, like new functionality or process enhancements. I perform the privileged access reviews, ensuring that our highly privileged accounts are managed appropriately. My team works closely with our fellow Security functions, Technology, Finance and Audit teams.
Jacqui Cutler: Senior Analyst, Identity & Access Management
Being the longest serving member of the team, I’ve gained a great deal of knowledge working at Carnival UK across a number of teams in Finance, Technology and now Security. I’m predominately working on the IAM project delivering Sailpoint IDentityNow, however, I’m happy to spend time with newer members of the team cross skilling and sharing my knowledge.
Kit Hayward: Senior Analyst, Identity & Access Management
I have recently joined the IAM team having moved across from the Applications Support team. I bring a wealth of knowledge of our application landscape that will help drive improvements in the IAM processes. I’m currently seconded on the Privileged Access Management project which will help manage our privileged accounts in a more secure fashion.
Saqib Elahi: Analyst, Identity & Access Management
My day-to-day activity is about keeping an eye on Incidents, Service Requests and Emails. Also, paying attention to any escalation teams messages. Doing my daily checks gives me a feel on what the day will look like, I also look forward to our daily stand-ups, we use the time to deal with any issues and collaborate with the team and share ideas. Working with the SOX timelines for completing our User Access Reviews (UAR’s) on time while balancing our normal BAU activities.
Sanjog Limbu: Analyst, Identity & Access Management
As an IAM Analyst our primary responsibility is to manage Access Governance of Carnival UK IT Systems. We are also responsible for performing periodic User Access Reviews (UARs). Being a new member of the IAM Team I perform User Access Reviews of Systems like PayIT, AMOS, MISTRAL Ships etc. I also look after the Service Request and Incidents queues, UAM & IAM Mailboxes and deal with queries accordingly.
Chris Gifford: Analyst, Identity & Access Management
I joined the IAM team almost a year to the day. My key responsibilities are conducting access reviews, managing service requests and incidents, but other activities I work on are building relationships with other teams, proactively seeking solutions to broken processes, working on the ServiceNow project, managing the IAM leavers process.
Chris Hatton: Analyst, Identity & Access Management
I have recently joined the team as a contractor to help manage the IAM service request and incident queues.
Please reach out to us if you have any questions or are interested in learning more.
For any day to day queries about access, incidents or service requests, please contact us at: cukidentityandaccessmanagement@carnivalukgroup.com
For any questions related to access reviews, please contact us at: Identity.accesscompliance@carnivalukgroup.com