RapidValue

Appearance

Sector packs

Pre-configured approval rules + certification policies + sector-specific field-mapping templates, installed at tenant bootstrap.

Sector packs are the difference between "yes, our IGA can do anything, go define your rules" and "start here, override what you need".

Available packs

Financial Services

Frameworks: DORA, SOX, MiFID II, EBA guidelines on outsourcing, ISO 27001

  • Approval rules for trading-system access (4-eye + risk officer)
  • Certification cadence: 90 days for trading + privileged, 365 days for back-office
  • SoD policies for separation between trade execution and settlement
  • Field mappings for Murex, Calypso, Bloomberg AIM, Refinitiv

Healthcare

Frameworks: HIPAA, GDPR Art. 9 (special category data), HDS (French), NEN 7510 (Dutch)

  • Approval rules requiring DPO sign-off for any access to PHI systems
  • Certification: 180 days for clinical, 90 days for admin/IT
  • Break-glass workflow for emergency access with retrospective audit
  • Field mappings for Epic, Cerner, Chipsoft HiX

Public Sector

Frameworks: NIS2, eIDAS 2, ENISA secure software supply-chain guidance, national PSI/AVG/IS frameworks

  • Approval chains for citizen-data access (manager + data steward + privacy officer)
  • Certification: tied to fiscal-year governance cycles
  • Whistleblower-safe audit (separation of admin and auditor roles enforced)
  • Field mappings for Microsoft Government Community Cloud, EU public cloud providers

Manufacturing

Frameworks: IEC 62443, NIST 800-82, OT-IT segregation, ISO 27001

  • Distinct policies for IT vs OT identity domains
  • Approval rules for production-floor system access (plant manager + shift supervisor + IT)
  • Certification linked to safety-training validity
  • Field mappings for Rockwell, Siemens MES, SAP Manufacturing

Mid-Market

Frameworks: NIS2, ISO 27001, GDPR

The default pack — works for any organization 100-5000 employees that doesn't fit a regulated sector but still needs structured governance.

  • Manager-approval default for low-risk requests, security-officer for high-risk
  • Certification: 180 days global
  • Birthrights based on department + role
  • Field mappings for the top SaaS bundle (M365, Google Workspace, Slack, Atlassian)

AI Enterprise

Frameworks: EU AI Act, NIST AI RMF, ISO/IEC 42001

For organizations building or operating AI systems at scale.

  • Distinct entity type for AI agents alongside human identities
  • Approval rules requiring AI ethics officer sign-off for autonomous agents with write permissions
  • Certification for AI model training data access
  • Field mappings for Hugging Face Enterprise, OpenAI / Anthropic / Azure OpenAI admin consoles, internal model registries

What gets installed

Each pack ships:

ComponentWhat it does
Approval rulesPre-configured chains keyed to risk level + resource type
Certification policiesPeriodic review cadences with reviewer roles
SoD policiesSector-specific forbidden combinations
Field-mapping templatesSample mappings for sector-typical targets
Birthright rulesDepartment + role → baseline access bundles
Risk classificationsSector-typical risk levels per resource type

Installing a pack

During tenant bootstrap, the wizard asks which sector pack to start with. Pick one — you can install additional packs later or remove the one you started with.

Installation creates the rules as drafts. Review them, edit what doesn't fit your specifics, then activate.

Customizing a pack

Packs are starting points, not lock-ins. Once installed, all components are editable:

  • Edit individual rules in Governance → Approval rules
  • Adjust cert cadences in Governance → Periodic reviews
  • Override field mappings in each connector's settings

If you want to track that you've diverged from the pack baseline, the governance page shows a diff vs pack for each rule — useful for audits that ask "did you implement the standard policy?"

Removing a pack

Removing a pack does not delete the rules — it just removes the "this came from pack X" tracking. The rules stay active until you explicitly remove them.

This is intentional: you don't want a pack uninstall to silently disable governance you've come to depend on.

RapidValue IGA · Built in Belgium

© 2026 RapidValue. Sovereignty-first identity governance.