Simple user administration in the absence of an IT department - IAM Solution DEVK

Initial situation

For more than 125 years, policyholders in Germany have placed their everyday risks in the hands of DEVK Insurance companies. Today, DEVK employees nationwide serve around 4 million customers with 14 million risks in all insurance lines. In total, more than 6,000 employees roll up their sleeves to help quickly and energetically.

DEVK’s wish (IAM Solution DEVK): a significantly simplified and faster assignment of user rights for its own company-wide IT systems. Even employees in the divisions with little technical affinity should be able to independently take on tasks within user administration.

The Challenge

DEVK’s IT department had to connect a large number of sales partners to the central, self-developed application for master data management within a short period of time. Manually administering the new clients would have been a huge effort – combined with a significant increase in the IT team.


In DEVK’s sophisticated role concept, the technical competencies of the SAP system and the higher-level authorization management of GARANCY Identity Manager complement each other. In this process, a working group in SAP creates the fine-tuned SAP roles with the specialist departments and then hands them over to IT Service & Operations. The SAP team is thus purely responsible for the composition of the roles, it does not assign users to the roles. This is the sole responsibility of the IAM system, which bundles these SAP roles with authorizations for other IT systems in GARANCY roles above them.

“The GARANCY role is thus the superordinate instance; the employee’s complete expertise is compiled in it,” explains Lutz Becker. In this way, in the various IT systems such as SAP, the insurance application or the Windows systems, the correspondingly required authorizations for each task profile are defined as a role, which are then linked in GARANCY Identity Manager to the personal authorization profile of the respective employee.

Thus, practically the entire organizational structure of the insurance company is mapped in the authorization management. The department can thus grant new employees their individual access rights much more quickly. The IT department then only clarifies the last open points – in consultation with the specialist department. In the past, it could take up to five days before the employee was completely ready for work. Today, they can access all the IT systems they need for their work in just two to three hours.


Thanks to the new version (IAM Solution DEVK), the insurance company can pay even closer attention to compliance with governance regulations in authorization management, also known as access governance. This topic enjoys a lot of attention within DEVK today. In GARANCY IDM from Betasystems, custom risk parameters and information can be entered for different entities – groups, roles, and users. In the meantime, DEVK also wants to introduce user classes.

Learn more about the methodology of IAM implementation here

Download your free white paper now!

Year founded: 1886
Employees: 6,000
Headquarters: Cologne
Industry: Insurance

The Challenge
The IT department of DEVK had to connect a large number of sales partners to the central, in-house developed application for master data management within a short period of time.

Due to the increasing shift of standard tasks to the specialist departments – further enhanced by the introduction of GARANCY Process Center – the IT department can concentrate on its core tasks and manage a larger number of clients with an equally strong team.


“Access governance enjoys a lot of attention within DEVK today. With GARANCY IDM, we can pay even closer attention to governance compliance in authorization management.”

Lutz Becker
Senior Specialist IAM Architecture