Structured IAM Governance at CSS Insurance
CSS standardized heterogeneous access environments, automated recertifications, and introduced scalable, audit-ready role management with NEXIS.
About CSS
CSS operates in a regulated insurance environment and manages around 5,000 digital identities, including technical, test, and training accounts, alongside approximately 13,500 authorizations. The organization has used NEXIS since 2019 and currently maps around 3,300 productive roles in the platform.
- Industry Insurance
- Digital Identities Around 5.000
- Authorizations Around 13.500
- Productive Roles in NEXIS Around 3.300
The Challenge
CSS needed to integrate a large number of heterogeneous target systems into its existing IAM environment based on NetIQ. The goal was to improve transparency, reduce manual recertification effort, and establish a sustainable foundation for lifecycle-oriented identity governance.
Access governance across more than 45 target systems was difficult to manage consistently because attributes were complex and not standardized. Manual recertifications took up to five months, while regulatory and security expectations in the Swiss insurance sector required stronger traceability and control.
The goal was to:
- Gain transparency across users and authorizations
- Build a consistent, role-based governance model
- Reduce manual recertification effort
- Improve traceability and compliance readiness
- Establish a stronger foundation for user lifecycle management
The Approach
CSS implemented NEXIS as the central platform for role governance and worked in a structured rollout model to harmonize data structures, centralize governance, and replace manual administration with automated processes.
Via custom plugins for heterogeneous target environments
To deliver structured access information to consuming systems
Replacing previously manual and Excel-based processes
Covering 90% of productive authorizations
The Results
With NEXIS in place, CSS improved authorization management both organizationally and technically. Manual processes were replaced with structured governance, data quality improved, and role models, system access, and recertifications became more transparent, traceable, and audit-ready.
- Time Savings
Recertification reduced from five months to eight weeks - More Transparency and Traceability
90% of permissions covered by a role-based model - User-Friendly Handling
More independent access management for employees - Audit-Ready Governance
Compliance supported through automated and traceable processes - Lifecycle Readiness
A stronger basis for joiner, mover, and leaver processes
“With NEXIS, we have not only automated our processes, but also created genuine transparency – across systems, roles and authorisations. The implementation was structured, solution-oriented and technically on par. NEXIS has noticeably reduced our daily workload.”
Read Also
Finanz Informatik Technologie Service GmbH Raises Recertification Quality With NEXIS
FI-TS replaced Excel-based recertifications with a scalable, web-based solution designed to improve auditability, increase role-level transparency, and support governance and...
UNIQA Strengthens Identity Governance and Compliance with NEXIS
How one of Europe’s leading insurance groups improved access transparency, audit readiness, and governance efficiency.