Considerations in Selecting an Identity & Access Governance Solution in Financial Institutions

  • TYPE: Roundtable DATE: Thursday, May 16, 2013 TIME: 14:00-16:00 LOCATION: WALCHENSEE


Rosa’s presentation will outline the key considerations in selecting an enterprise IAM/IAG solution with focus an financial institutions. Areas to be covered include

  • business requirements,
  • architecture,
  • functionality,
  • integration,
  • compliance,
  • roadmap alignment

and much more.


Rosa is Principal and Founder of KeyData, a consultancy specializing in Identity and Access Management, IT Security Management, Operational Risk Management and Compliance Management. A recognized expert in IAM, Rosa provides consulting in all aspects of IAM including: business analysis and...

Many organizations are facing sort of a “GRC sprawl”. There are many disparate initiatives for GRC (Governance, Risk Management, Compliance) at various levels of the organization and in different divisions. On the other hand, it is all about enforcing governance, meeting regulatory compliance requirements, and managing and mitigating risks. Access Governance, for instance, is about Access Risk. The only reason to do Access Governance is that Access Risks might result in operational risks, reputational risks, and even strategic risks. Failure in managing access risks even might drive an organization out of business.

Thus, moving forward towards a more integrated view on GRC and cooperation and integration between the various levels and elements of GRC – such as Operational Risk Management, Business GRC, Continuous Controls Monitoring, IT GRC, Security Event Monitoring, or Access Governance – is a mandatory step. This is not about having only one team and solution in place, but it is about defining the interfaces between the various elements of GRC, both from an organizational and technical perspective. One approach on GRC, one approach on managing risk, etc.: Alignment is key to success in real Enterprise GRC.

The panelists will talk about their view on the need for such integration, the approaches to make progress on this, and their overall experience in mastering the challenge of moving forward from GRC sprawl to an enterprise-wide GRC concept.


Heinz-Dieter Schmelling is Chief Security Officer at Portigon AG (legal successor of WestLB), a finanical service provider in particular with regard to the management of banking portfolios. His area of accountability as a CSO encompasses all functional arrays of corporate security globally...

Academic Studies of economics at Helmut Schmidt University of the Federal Armed Forces in Hamburg (Dipl.-Volkswirt) and of business management at distance university Hagen (Dipl.-Kaufmann). Officer of carrer at the Federal Armed Forces of Germany, in the last position as S6-Officer responsible...

When setting up an access management and governance solution, large organizations often have to deal with hundreds of applications with different access control models. This creates various challenges on organizational and technical level, like for example: How should audit policies, attestation campaigns and request processes be set up across applications? How can reports and dashboards be tailored effectively? What is the most efficent approach with regards to connector technology?

This session will provide recommendations for setting up a comprehensive IAG/IAM solution for "many applications" scenarios.


Dr. Kuhlmann plays a key role in the continued development Omada’s solutions, including the award-winning Omada Identity Manager solution that is built entirely on the Microsoft platform and integrates with Microsoft Identity Lifecycle Manager to provide a robust solution for Compliance...

Mr. Darran Rolls is the Chief Technology Officer and Chief Information Security Officer and at SailPoint, where he is responsible for directing the company’s technology strategy and security operations.  Mr. Rolls has a long history in identity management and security at companies...

Andrea Rossi is leading global Identity Governance sales at IBM. Prior to this, Andrea Rossi has served as VP Sales & Partners at CrossIdeas, acquired by IBM on July 31st 2014., where he was one of the original founders, Rossi previously served in a number of roles at Novell, where he was...

Deepak Taneja is the Founder and CTO of Aveksa, a security compliance software company. Prior to founding Aveksa, he was CTO and VP of Engineering at Netegrity. In this role, he was instrumental in growing the company into the market leader in Identity and Access Management. Previously he...



European Identity & Cloud Conference 2013

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 14 - 17, 2013 Munich/Germany