Search

It wouldn’t be unusual for a large organization to have hundreds of access-risk gaps that must be investigated and assessed and whose legitimacy must be confirmed. Inevitably, you will have a subset of individuals who must have access to a broad range of systems, processes, and transactions to perform key tasks that create SoD violations….

Understanding Access Risks Risk analysis is more than simply understanding who has access to what services. It’s also about what they are doing with their access. A proper analysis of access risk enables the organization to understand the risks and prioritize risk-resolution activities, because not all risks are equal. A detailed analysis of segregation of…

Implementing Controls for Exceptional/Super User Access It is not possible to eliminate all access policy conflicts where exceptional access needs to be granted to users to support business requirements.  Emergency access enables a business or IT personnel to resolve problems in a timely manner within key business operating and transaction systems.  When these situations occur,…

The Need for Banks to Manage Compliance More Effectively and Efficiently While banks have always faced regulatory-driven change, the sheer volume of significant new regulation being introduced has become unmanageable for many. Looking ahead, conditions are set to remain challenging over a long period, especially considering the EU’s MiFID changes that are set to take…

Guest Blog: Brian Gonzalez Hernandez, SAP This Monday was the annual Talk-Like-a-Pirate-Day and while it is a celebration that I have always enjoyed, I thought today may be an important time to also speak on modern day piracy. When we think of Pirates, we often think of the likes of Blackbeard or the French Corsairs who were…

Connecting SAP Access Control to Concur, Ariba, SuccessFactors and More Can you manage Segregation of Duties (SoD), critical and sensitive access, and super-user access effectively and efficiently across the enterprise? Or do you have to deal with siloed systems that make it difficult to enforce governance? Do you need a unified, enterprise-wide approach to managing…

Adding Value to Identity & Access Governance Technologies to automate Identity Management (IDM), Access Request Management (ARM), Identity & Access Governance (AG), or access review and certification as it’s known in plain English, have been around for years, yet still have not been able to address user access risk in real-time.  Why you ask?  Let’s…

Enable Exception-based Access Violation Monitoring In most organizations, a certain level of Segregation of Duty (SoD) violations must be accepted for the business to function efficiently, and mitigating controls are implemented to address the remaining risk. Those controls, however, are typically manual in nature, and locating actual exceptions is like searching for a needle in…

To Rationalize & Harmonize Controls Requires Correlation Unified Compliance Framework® (UCF) has done a lot to rationalize the growing number of compliance and industry controls, avoiding a duplication of controls. The Common Controls Hub simplifies the need to locate, research, interpret, and reconcile new and evolving mandates by giving compliance professionals the ability to centrally…