Under Pressure From the Auditor: Rapid Response by Rapid Access Reviews
- LANGUAGE: English DATE: Thursday, June 27, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Most organizations are aching under the pressure the feel from auditors in delivering information. A large portion of that is based on access reviews, i.e. demonstrating that the least privilege principle and related regulatory requirements are met.
Basically, there are two major challenges:
- Getting a consistent picture of access entitlements across all applications – the “import challenge”
- Focused review of entitlements – “the review challenge”
This webinar will focus on how two aspects. One is how to get ready for tool-supported, efficient access reviews in weeks, not months or years, by gaining a consistent view on entitlements even of complex applications and systems such as mainframe environments, banking applications, or SAP environments. The other is on how to focus the review in a way that the organization can carry the burden, without halting the business of performing other tasks – their main tasks in doing business, not audits.
In the webinar, you will learn about
- What it really requires to fulfil the audit requirements
- The challenge of normalizing the entitlements across complex business applications
- How to focus your reviews
- A project plan for weeks, not years to get your audit running
In the first part, Martin Kuppinger, Principal Analyst at KuppingerCole, will talk about the challenges of today’s Access Reviews and how to concretely overcome common pitfalls, to deliver rapidly and efficiently on the audit requirements.
In the second part, Laurent Berns and Arnaud Fléchard of Kleverware, will give insight and demo on importing access entitlements, normalizing the structure of such entitlements, and dealing with the specifics of certain environments. He then will demonstrate how to run efficient access reviews on that information.
Kleverware provides solutions to help supervisors and managers be sure they are in compliance to standards and regulations. Post-assessment, the resulting instructions relayed by auditors (Internal Control or Account Auditors) are becoming increasingly drastic. To ensure maximum security, Kleverware IAG reduces the risks customers may encounter by providing flexible solutions.
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.