Access Management Redefined
AMS 360 enables you to simplify, streamline and track access to all your computer systems in accordance with GxP guidelines.
Digitize your access control and access monitoring in accordance with CGMP guidelines
Know accurately who has access to what system and optimize software licenses
Never worry about lingering access and associated risks of loss of Intellectual Property or loss of Data Integrity
LACK OF CONTROL &
REAL TIME VISIBILITY
THE PROBLEM
Keeping track of who has access to what system, using manual process, is cumbersome. Inability to control and monitor real-time access increases vulnerability of integrity and security issues, leading to non compliance to regulatory guidelines
THE SOLUTION
Automated Access Control with Real-Time Visibility
AMS 360 enables you to simplify, streamline and track access to all your computer systems. It helps your firm demonstrate compliance to the GxP regulations
The AMS-360 Benefits
Quicker Access
50% reduction in the time required to provide access to any computer system.
Accurate Access Report
84% improvement in capturing an accurate picture of current state of your system access
Time Saved
70% reduction in time spent manually routing documents, attachments and procuring signatures.
No Lingering Access
Almost zero probability that employees who have changed roles or left the firm still have lingering access to systems
FAQ
- Audit readiness/Audit Risk.
- Employee productivity
- Freedom from storing/maintaining/retrieving of paper forms
- Better control over access management
- Paves the path of the organisation towards digitization.
- Manual processes for access approval typically take 2 to 3 days. This means the person requiring access receives it after 2 to 3 days resulting in a loss of productivity for those days. Automated approval flow in AMS 360 brings down this to just a few hours, a reduction of more than 70%
- Also, manual effort in moving the paper form from one person to another and filing it for retrieval requires additional time. This time, when measured for all employees over a year, is quite significant.
- Let's say per access request, one person day of savings in productivity. If an organization has 1000 employees, requesting approx. 5 access in a year; this would mean saving 5000 person-days of effort in a year.
- With AMS 360, management has an accurate picture of current and historic access to every system. This can be easily demonstrated to the Auditor by pulling a report.
- AMS 360 ensures no lingering accesses (beyond the approved timeperiod).
- These reports give the IT department confidence that only the right people have access to the correct systems
- Having such a system in place also demonstrates that the management has control over the access approval and monitoring process.
- AMS 360 makes it easy to ensure the right personnel have the right access to the right systems. It also makes it easy to revoke permissions when employees change roles, especially when they leave the firm.
- With its comprehensive reporting capabilities, the IT department can quickly demonstrate which employee has access to what systems or what users have access to a given system to answer audit queries.
- In AMS 360, we can build customized access request forms for each computer system. While defining the access options, we can also specify dependencies between the different fields (e.g., if Role is selected as Administrators, only then options like "Create new user" will be displayed).
- AMS 360 also allows configuring approval workflow for each computer system. E.g., access requests to Network Shared Drive may require approval of just the department head. However, an access request to QMS (Quality Management System) may need approval from both the department head and the QA head. The approval flow can also depend on the type of roles requested.
- In addition to configurable access form and approval workflow, AMS 360 also allows configuring training requirements and access providers for each computer system (and based on roles requested).
- No, AMS 360 is not integrated with other computer systems to provide automatic access out of the box. The access has to be provided externally.
- Integrating such functionality with other computer systems is complex and needs approval from the OEM of the system to be integrated. Validation of such integration also adds more complexity
- Most homegrown or vendor systems have one (or limited number of) forms for requesting access to all types of assets. And so, access to assets cannot be tracked at different access levels.
- They also lack configurable workflows for approvals and training. Because of these shortcomings, these systems become nothing but electronic paper.
- AMS 360 provides access management at a very granular level (i.e., at all access options levels available in the corresponding computer system). Configurable approval workflow and configurable training need to ensure that only the right person is allowed to get access to the computer systems. In short, AMS 360 provides complete control over access provision
- Access request
- Remove Access Request
- Modify access request
- Access extension request
- Password reset request
- Account unlock request
- A week before Aug 30th, say Aug 23rd, an automated email is sent to the user about the expiring access. Users then have an option to request for extension of the access. If they don't, then on Aug 30th, a request is sent to the IT person to remove the access.
- AMS360 is usually linked up to HRMS (HR Management System). If linked, when an employee leaves the organization, AMS automatically generates requests to revoke access for all the systems the employee had access to.
- The request flows to an approver group (instead of a single person) which usually has more than one approver. The request is simultaneously sent to all members of the group. This eliminates the issue of requests being delayed by leaves and vacations
- You can configure the asset in a million different ways using a feature called “options”. You can also configure complex approval workflows using very configurable rules utilising multiple levels of configurable approval groups. These rules can get as complex as you desire.
- Customers have the option of choosing either of the deployment models. AMS-360 has been successfully deployed on Azure cloud and on-premises in our client's data center.
- AMS-360 is built per GMP guidelines and fully compliant with FDA's 21 CFR part 11.
- AMS-360 is priced based on the number of max assets and users configured. It has three tiers, silver -100 assets/500 users, gold-400/2000 users, and unlimited assets/users.
- Yes, the customer is not locked to a tier. They can upgrade to a higher tier by paying the difference in the licensing costs between the tiers, at the time of the upgrade
