Independent. Dynamic. Involved.
nlen

Identity and Access Governance

Identity & Access Governance (IAG) solution gives an organisation control over who has access to data and to which data. People often fail to realise or acknowledge that logic is required to achieve the structured management of information and systems. Policies are not translated into operational processes, and no framework exists to make standardisation possible.

This access issue is what usually generates the most findings during an audit. In the short-term, employees may find the discretionary allocation of access a convenience. But as time passes, allocation of permissions becomes rampant and this will eventually lead to the business being damaged. IAG is a combination of internal control mechanisms limiting the risks from unauthorised access and providing compliance improvements.

Approach

The starts with establishing the IST-SOLL situation: the comparison of how the current access rights are implemented with the desired final situation in a roles model.

The identification of related business processes will enable enforcing control and access rights, and will also increase knowledge and control over who has what type of access to systems and corporate information and when. This prevents nasty surprises.

Key Principles

To trace application activities back to individuals, each individual account must be traceable to an actual person recorded in a source registration.

No test accounts may be active in the production environment, as these can be misused for actual transactions.

To prevent the circumvention of functional roles, no account must exist that has all authorisations.

Business Solutions

Identity & access management must be implemented using a transparent and consistent organisational structure. This is founded on the so-called authorisation verification process that enforces ‘administrative hygiene’ through the use of analysis software.

Would you like to learn about IAG solutions and related issues? Feel free to contact Traxion and read the latest blog postings.