Skip to main content
Coforge

User Access Review System on Power Platform: Enabling SOX-Compliant Access Governance through Scalable Power Platform Architecture

article banner

Overview

One of the world’s largest energy companies required a robust and scalable solution to manage its annual user access review process driven by SOX compliance requirements. The existing application built on PEGA had limited features and did not align with the organization’s strategic direction toward Power Platform. Coforge partnered with the client to design and implement a secure, enterprise-grade User Access Review (UAR) system on Microsoft Power Platform.

Capabilities

Challenge

Building a Secure, Scalable, and Compliance-Driven Access Review Framework

  • SOX compliance requirements mandating annual user access reviews for all internal users
  • Existing UAR application built on PEGA with limited features
  • Strategic shift toward Power Platform as preferred low-code/no-code platform
  • Requirement for business analysis of review processes across stakeholders
  • Need for architecture design to support exponential user growth and multi-level approvals
  • Requirement for highly secure integration with internal services and systems
  • Extensive retention and archival requirements driven by compliance needs
  • Integration with User Management Access Tool (UMAT) for automated access provisioning and revocation
  • Requirement for security implementation across metadata, organizational units, teams, and roles
  • Need to enable scheduled annual reviews and on-demand manual review processes

Solution

Enterprise-Grade UAR Platform Built on Microsoft Dataverse and Power Platform

Coforge collaborated with business and IT stakeholders to design and implement a comprehensive UAR solution:

  • Developed solution using Microsoft Dataverse as backend
  • Built Canvas Apps for end users and Model-driven Apps for admin dashboards
  • Integrated internal enterprise services using custom connectors and APIs
  • Utilized virtual entities/tables for data access via data flows
  • Extended Dataverse default tables to support custom requirements
  • Implemented security using Azure AD roles, organizational units, and business unit-based access
  • Enabled data and log archival using Azure Data Lake
  • Implemented features such as notifications, delegated approvals, and advanced search
  • Established Power Platform ALM for deployment across multiple environments

Impact

Strengthening Compliance, Reducing Costs, and Enhancing Enterprise Access Governance

  • Enabled rapid integration with enterprise systems using Power Platform connectors
  • Reduced dependency on custom code through shared platform solutions
  • Lower licensing costs compared to legacy PEGA-based system
  • Simplified integration with Azure AD, Azure services, and Dynamics 365 ecosystem

Bring us your challenge

Let’s Coforge your next success story

Connect with us

WHAT WE DO

Explore our wide gamut of digital transformation capabilities and our work across industries

Explore