Lessons that GRC and IAM could learn from ITIL - and where ITIL helps in defining IAM
Facebook Twitter LinkedIn

Lessons that GRC and IAM could learn from ITIL - and where ITIL helps in defining IAM

Combined Session
Wednesday, May 06, 2009 15:00—16:00
Location: GALAXIS

Lessons that GRC and IAM could learn from ITIL - and where ITIL helps in defining IAM

Even while ITIL v3 integrates a little bit of access management, the siloes of ITIL, IAM, and GRC are well isolated in most organizations. On the other hand, and approach which understands Identity as a Services is mandatory. These services should be defined using the methodologies of ITIL and, if applicable, follow the defined ITIL best practices. Beyond that, the definition of any Application Security Infrastructure requires the definition of services. ITIL and its methodologies can support there as well, in defining services for the interface between the IAM and the SOA silo.

Lessons that GRC and IAM could learn from ITIL - and where ITIL helps in defining IAM
Presentation deck
Lessons that GRC and IAM could learn from ITIL - and where ITIL helps in defining IAM
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Martin Kuppinger
Martin Kuppinger
KuppingerCole
Martin Kuppinger is Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity focused information security, both in classical and in cloud environments. Prior to...

Is the IAM Focus of Today’s GRC Platforms Sufficient?

Most of today’s GRC platforms focus on IAM aspects, mainly access control. Attestation capabilities are focused on the access controls, authorization management is as well, as are the SoD rules. But there is more in GRC. “Classical” security aspects including the management of security events, business continuity, license compliance, and so on – all these areas have to be covered from a Governance, Risk Management, and Compliance perspective. There is no doubt about the central role IAM related issues have. Anyhow, it is time to discuss the question whether future GRC platforms shouldn’t go beyond IAM and include ITSM/BSM (IT/Business Service Management) and thus all the things covered by ITIL, SIEM (Security Incident and Event Management), and more.

Peter Heintzen
Peter Heintzen
Oracle
Peter Heintzen leads the Oracle Identity Access Management presales team in Western Continental Europe. Since June 2006 he has been responsible for the Oracle Security Portfolio with focus on...
Ben Schröter
Ben Schröter
IBM
Ben has 6 years experience as an IT specialist. During the last 3 years he was within the security sector, mainly in the area of Identity and Access Management. During his career, he gained...
Mike Small
Mike Small
KuppingerCole
Mike Small is the retired director of security management strategy of CA, where he was responsible for the technical strategy for CA's security management software product line within Europe,...
Marko Vogel
Marko Vogel
KPMG
Marko Vogel is a Partner in KPMG’s Cyber Security practice in Germany and has over fifteen years of experience conducting Advisory engagements related to Information Security, Cyber Security,...
Peter Weierich
Peter Weierich
Voelcker Informatik
Peter Weierich, born in 1964, studied Computer Science and Medical Informatics in Erlangen. Since 2006 he is Head of Marketing and Sales at Völcker Informatik AG.
Rudolf Wildgruber
Rudolf Wildgruber
Siemens IT Solutions and Services GmbH
Rudolf Wildgruber, graduated in computer science at the Technical University Munich in 1980 and worked for nearly 10 years for a medium-sized HW/SW manufacturer as systems engineer. From October...
Subscribe for updates
Please provide your email address