Access Governance

  •  TYPE: Track    START DATE:  Wednesday, May 15, 2013     START TIME: 10:30    LOCATION:  AUDITORIUM
Parent Track

Moderator(s):

Access Governance, also called Identity and Access Governance (IAG) is a core discipline in any GRC (Governance, Risk Management, Compliance) initiative on one hand and also in any IAM (Identity and Access Management) initiative. Access Governance is about managing and governing access to systems and information, both on-premise and in the cloud. It is thus about reducing Access Risks. Specific Access Risk Management is one of the disciplines within Access Governance. Another one is Access Intelligence, which allows to analyze current access rights and identify access risks. Other elements are Access Request Management, centralized Access Warehouses, the support for standardized, efficient Access Attestation/Recertification, and Enterprise Role Management. The latter supports the common approaches of Role Based Access Controls but also delivers important role information as a core attribute in more advanced authorization concepts of ABAC (Attribute Based Access Control).


Continuing Education Credits

Prerequisites: None
Advance Preparation: None
Learning Level: Intermediate
Field: Computer Science

After attending this block you will be able to:

  • Explain why access governance is difficult to achieve
  • Define the stakeholders for access governance within the organization
  • Explain why Segregation of Duties is important to access governance
  • Describe how access governance is maturing beyond simple recertification of access rights
  • Describe the future trends in the market around expanding Access Governance to all types of access and to support for direct reconciliation
  • Describe how access governance was successfully introduced in an energy trading company
  • Describe how access governance processes were implemented in a bank using a central system.
  • Explain what access intelligence means in practice
  • Describe how an organization used COBIT 5 to assess access risks and launch a global identity  and access governance programme
  • Explain how to continuously identify and track access risks

This block qualifies for up to 5 Group Learning based CPEs depending on the number of sessions you attend.

Sessions:

Access Governance as a Multiyear and Multidimensional Program

Date: Wednesday, May 15, 2013 Time: 10:30-11:30

Access Governance as a Multiyear and Multidimensional Program
Berthold Kerl, KuppingerCole

Access Governance: Why is it so difficult? There is no easy way out! Does Access Govenance have a business case? It´s a multi-dimensional challenge therefore many stakeholders need to contribute (e.g. HR, IT, Business, Legal, Data protection) How to define priorities? Strong program governance is key

Access Governance & Intelligence at Deutsche Bank AG
Carolin Pfeil, Deutsche Bank AG

Following the worldwide financial crisis all Financial Institutions are facing increasing regulatory requirements globally. A major focus is put on the evidence for having implemented a consistent approach to the “Segregation of Duties” (SoD) principle. A key challenge is to not only achieve this within a specific application or organizational unit, but to continuously check and monitor the implementation across applications, business processes or entire departments in a...

Redefining Access Governance: Going well beyond Recertification

Date: Wednesday, May 15, 2013 Time: 11:30-12:30

Redefining Access Governance: Going well beyond Recertification
Martin Kuppinger, KuppingerCole

When looking back at the evolution of Access Governance, this is a history of change and rapid innovation. From the days of “Enterprise Role Management”, before the term Access Governance even was known, to common marketing terms like IAG (Identity and Access Governance) or Access Intelligence, a lot has happened. Virtually all major players have entered this market. Products became more mature. Access Governance has replaced Identity Provisioning as the typical starting point...

Access Governance: How to Govern all Access
Dr. Martin Kuhlmann, Omada • Christian Patrascu, Symantec • Deepak Taneja, Aveksa • Darran Rolls, KuppingerCole • Jackson Shaw, Clear Skye • Marco Venuti, iWelcome

Access Governance is a key building block in IAM (Identity and Access Management) deployments and as part of IT GRC. However, traditionally Access Governance focuses on managing access based on roles and thus on static assignments. It frequently lacks tight integration with Privilege Management for highly critical IT users like root, system accounts, or shared accounts. It also typically lacks support for managing business and security rules within Dynamic Authorization Management, for...


Congress

European Identity & Cloud Conference 2013

Language:
English
Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 14 - 17, 2013 Munich/Germany