Getting the Big Picture: How Access Governance fits into IT Governance and Risk Management
- LANGUAGE: English DATE: Tuesday, December 08, 2009 TIME: 16:00 - 17:00 CET, 10am Eastern
Access Governance is a key element in every strategy for information and system security as well as IT Governance. However, there are many different approaches from system-level access control management tools for ERP systems with some SoD support up to “Enterprise GRC” solutions which focus on the risk management and governance approaches from a high-level business perspective, sometimes without the interface to IT systems. And access-related controls are only part of that – 4 of 210 controls within COBIT, for example. For sure they are highly relevant, but they are only part of a bigger story. The link from business controls to IT controls and the role and relevance of the access-related IT controls covered by access governance with respect to complete IT Governance frameworks like COBIT is explained in this session. The different elements and approaches to governance are put into context and associated with the GRC roadmap of Kuppinger Cole.
As workers become more mobile and workloads move into the cloud, the traditional model of enforcing security at the network perimeter becomes ineffective. A Zero Trust model of strict access control for every user or device protects your organization from advanced security threats enabling you to stay connected, productive and secure.