Search

Identity governance administration (IGA) is an approach to managing identities and controlling access based on policies. Unlike traditional identity and access management (IAM) tools, IGA systems integrate identity governance and identity administration to provide additional functionality. These systems are particularly useful for auditing and meeting compliance requirements. IGA systems offer automation capabilities for user provisioning…

What is a SOX Audit? To comply with the Sarbanes-Oxley Act of 2002 (SOX), organizations are required to conduct a yearly audit of financial statements.  A SOX compliance audit is intended to verify the financial statements of the company, and the processes involved in creating them. During the audit, the financial statements and management of…

At the SAPinsider 2020 virtual conference experience, one of our product demo attendees asked how Pathlock works with SAP GRC Access Control. We get this question a lot as SAP security and system professionals explore adding attribute-based access controls (ABAC) to the native SAP role-based access controls (RBAC) to streamline and strengthen access policy management…

What are SOX Controls? SOX controls, also known as SOX 404 controls, are rules that can prevent and detect errors in a company’s financial reporting process. Internal controls are used to prevent or discover problems in organizational processes, ensuring the organization achieves its goals. SOX controls are driven by the 2002 Sarbanes Oxley Act (SOX)…

What is SAP Access Control? SAP Access Control, part of SAP Governance Risk and Compliance, is an enterprise-grade software application that lets you control access to SAP applications and resources. It can help you make sure business users have the right access to SAP, minimizing the time and cost spent on achieving compliance. SAP Access…

What is UK SOX? The UK’s new corporate governance regime, unofficially referred to as UK SOX, is an initiative introduced by the government in response to the need for reform. The concept of UK SOX emerged in approximately 2019 after a comprehensive examination of auditing practices. Sir Donald Brydon played a pivotal role in this…

PeopleSoft teams often face threats caused by excess privilege, malicious insiders, and access misuse. Most of these can be mitigated with internal policies and periodic user access reviews. These reviews are critical when PeopleSoft users transition to new roles, employees offboard, or new people join the organization and are assigned specific roles. Often, the previous…

DORA: A Brief Overview The European Commission introduced the Digital Operational Resilience Act (DORA) as part of the Digital Finance Package in September 2020. DORA aims to enhance Information and Communications Technology (ICT) risk management in the financial sector by establishing common standards for all financial institutions within the EU. The Act was passed into…

An information security strategy greatly depends on the effective management of access control. Attributed-Based Access Control, or ABAC, offers a dynamic method for controlling access to resources. ABAC provides smart decisions based on a wide range of user-related attributes, including associated resources, actions, and contexts. This multi-dimensional decision-making process sets ABAC apart. ABAC features four…