© Copyright 2012 Axis Technology, LLC
Entitlements and Access Management
Entitlement and Access Management
Regulatory control functions, such as Operational Risk, Compliance and Audit, increasingly raise
questions around the scope, management, and clarity of entitlements within distributed and
mainframe application environments.
• Entitlements are used to determine what a user is allowed to do once they are in a network or application.
• Often implemented as a shared service within specific technology stacks.
• Typically includes a queryable metadata repository for Compliance, Management, Auditing and Reporting.
• Entitlement Management tools externalize and centralize fine-grained authorization policies for enterprise applications, web services, and data.
Entitlement management can be used to strengthen the security of Web services, Web applications, legacy applications, documents and files, and physical security systems.
Implementation of a metric-driven policy that is consistent across all applications is becoming more important in the face of regulatory pressures from Sarbanes-Oxley, HIPAA, PCI and the like.
Enterprise Entitlement Solutions typically include separate mainframe, application-specific and LDAP-based solutions.
Regulatory Change
• Requirements for improved Entitlement Management capabilities are increasing due to challenges with legacy processes and changed regulation.
• Regulators and Auditors are focusing on legacy controls and processes put in place in response to SOX and GLBA that are under renewed scrutiny due to regulatory focus.
• Significant operational and reputational risk exposure with entitlements that do not conform to security policies, regulations, and/or best practices.
• Typical entitlement systems do not provide business friendly information for required management reviews of user access.
Entitlement Management - Approach
Analyze Current State > Determine Target State Options > Design Implementation Plan > Execute Plan
Work with security administration, business teams and application owners to:
• Identify the applications in scope and their responsible business and technology organizations
• Document current state of users' profiles and entitlements grouped by organizations:
– Inventory of the existing job functions, profile details and corresponding entitlements.
– Determine overlap and uniqueness of resource entitlements across groups.
• Work with security administration teams to analyze existing entitlements to determine the applications associated with job roles and functional usage of each entitlement
• Validate understanding of existing entitlements and determine their alignment to existing business roles and the applications used to carry out business function.
• Document gaps within existing Entitlements Management structure
Deliverables
• Inventory of Entitlement Types, Processes and Categories
• Remediation criteria and functional requirements
• Development of remediation rules and approach for each category
Benefits
• Provides a comprehensive understanding of the types of entitlements in the environments (unreferenced, obsolete, valid, override)
• Creates understanding of current state Entitlement Management processes
Entitlement Management - Approach
Analyze Current State > Determine Target State Options > Design Implementation Plan > Execute Plan
• Work with application and business management to recommend valid target job role definitions with associated business functions and required resource entitlements.
– Establish existing business role definitions and entitlements expected for each role.
– Align functional groupings of entitlements into corresponding Job Roles.
• Recommend possible cleanup of obsolete, redundant and unused entitlements
• Rationalize Entitlement usage within the existing user base by recommending enhanced descriptions and definitions of roles, profiles and entitlements in a way that clearly:
– Shows what a user’s entitlements are,
– Shows that a user does not have more entitlements than they need,
– Allows reviewers to understand what entitlements are being granted and identify any potential conflicting entitlements
Deliverables
• Documenting procedures for the remediation of entitlements by category
• Analyzing business and technical impact
• Reviewing and documenting end-to-end remediation process
Benefits
• Remediation steps are designed at a holistic level to ensure that impacts are minimized and efficiencies are realized.
Entitlement Management - Approach
Analyze Current State > Determine Target State Options > Design Implementation Plan > Execute Plan
Determine Implementation Options and Target Design for Entitlements Provisioning:
• Map profiles and entitlements between Current and Target State.
– Develop design options for entitlements provisioning based upon target state role definitions.
– Identify procedures for migration of existing entitlements to target entitlements.
– Identify potential and implied impacts, business and technical support dependencies and rank conversion procedures based upon risk and effort estimates.
• Select design direction and create high-level design documentation.
• Develop implementation plan for required provisioning components.
– Develop new compliance and control process and procedures to ensure the integrity of the implemented solutions going forward.
– Coordinate provisioning component definition and options selection.
Deliverables
• Implementation
• Communication plan
• Selection of Pilot remediation activities
Benefits
• Milestone based plan to ensure effective communication and awareness.
Entitlement Management - Approach
Analyze Current State > Determine Target State Options > Design Implementation Plan > Execute Plan
• Coordinate implementation efforts with administrative and operation groups that carry out the transition from current to target state:
– Review of risk mitigation strategies and back out procedures
– Phased rollout strategies
– SLAs, points of contact, escalation procedures and progress reporting strategies
• Phased rollout of the Target State implementation:
– Initial Pilot Implementation (with learning used to adjust implementation plan)
– Multi-phase rollout across business units and divisions with validation, progress reports and implementation plan adjustments based on outcomes and learning
• Post Implementation review:
– Implementation result assessments
– Learning and inputs to future Integrity Maintenance
Deliverables
• Remediation of selected entitlement scenarios
• Revising process documentation and plans including lessons learned and post remediation audit steps
Benefits
• Piloting allows for the process and effort assumptions to be validated and improved prior to full engagement
Entitlement Management - Expertise
• Technical
– Comprehensive understanding of the existing entitlement management frameworks and their implementations.
– Technical knowledge required to extract entitlement sources and verify entitlement usage.
• Analytical
– Analyze current state and its integration with the Enterprise Entitlement strategy.
– Technical and business SME and stakeholder interactions:
  • Business Operations
  • Entitlement Administration
  • Compliance
  • Audit
  • Application Development
  • Information Security Officers
– Articulate the rules that will need to be enforced to secure the solution and align with business functions.
– Identification of control gaps in accordance with security and audit compliance policies and standards.
– Identification of business and technical conversion impacts and risks.
• Implementation
– Modification of Control routines based on the analysis.
– Clean up and realignment of the existing entitlements configurations
– Review and development of new procedures and processes around the provisioning process that implement and check these new rules so that the integrity of the solutions will be maintained going forward.
Entitlement Management
Case Study
Mainframe Entitlement Remediation
• Project Drivers stem from audit findings related to access management including:
– General presence of excessive entitlements across the enterprise due to the complexity of User IDs, roles and profiles
– Poor quality of manager entitlement reviews due to awareness, information availability and process gaps
– Lack of a risk based scoring process and approach to the management of entitlements
• Within Mainframe environments, issues manifest themselves by:
– Overly complex IDs and profiles that include obsolete and extinct entitlements
– Improper toxic combinations and excessive entitlements within and across assigned profiles
– Weak or non-existent definitions of entitlements and profiles designating functionality and/or usage
– Inconsistent functional implementations of RACF & Top Secret that have become institutionalized within LOBs
– Deficiencies in the procedures to manage and maintain the integrity of user access controls and entitlements
– Complex entitlement provisioning being understood by a limited number of individuals
• Remediation is hampered by legacy mainframe technology constraints:
– Lack of formal Role Based Access Control (RBAC)
– Mainframe entitlements structures that do not allow for people to define their usage
– Legacy custom developed methods that extend entitlement capabilities
– Unique access controls embedded within application code leading to additional layers of management complexity
Stakeholder Integration
This effort was a key part of multiple Access
Management Audit Response workstreams that
required Axis to create strong integration among
multiple constituents
• The goal is to remediate roles and profiles so that managers performing entitlement reviews understand what they are reviewing and can ensure that the entitlements are appropriate
• The Axis Project Team brought together key stakeholders to interface and cooperate to effect the changes
[Diagram: Business/User, Entitlement Administration and the Axis Project Team around Profiles, Roles and IDs. Labels: Definitions & Realignment; Processes & Entitlement Management; Quality Assurance & Data Integrity; Interpret and transform; Implements; Functional Knowledge]
Current State Analysis Artifacts
• The complexity of the current state environment was captured through Axis analysis artifacts that allowed for consistent comparison of existing capabilities for gaps, overlaps and critical requirements
• Risk prioritization and impact analysis of potential solutions provided objective measures for identifying target solutions and the activities required to achieve the biggest benefit
[Process flow diagram. Legible labels: Administration to ISA for review; LOB Periodic Quality Assessment Process (TBD); IAM Periodic Entitlement; Role/Profile; Quality Review by Administrator; Manager Process; Process Completion; End; KC-2, KC-6, KC-7]
COMPLIANCE WITH STANDARDS, PROCESSES & PROCEDURES:
1. Profile Provisioning & Compliance Process
2. eLabel to a UserID Process
3. Data Warehouse Feed Synchronization Process
4. Profile Reconfiguration Process
5. IDatabase Refresh Process into Change Management
6. Periodic Process to Maintain Clean-up Rules for Top Secret
7. Operator Role Selection Procedure
8. System/Application Level Logging & Auditing Procedure
9. Profile Review Procedure
10. Separation of Duties Procedure
11. IAM Top Secret Procedure
12. UserIDs Determination and Activation Procedure
Target State analysis Artifacts
• The target state model simplifies understanding and effectiveness of Role Based Entitlements
• Gap Analysis of Processes and Controls leads to identification and implementation of changes that improve long term ownership and maintenance of Entitlements
Profile Provisioning Construction and Review Procedures
Process Flow Diagram - TARGET
[Process flow diagram. Legend: Key Controls; New Key Controls Added. Legible labels: Start; Requesting area; Role/Profile Administrator; Ad-Hoc reviews; Audit review; Form to Update (TBD); Data Capture (Database); Templated Forms; Request is routed; List of Approvers; Data Repository; Reporting]
RULES CHECK:
1. Number of Mode Profiles
2. Authorized signers and Managers
3. Submitter cannot be approver
4. No toxic combinations
5. Glossary naming convention
6. Enforce Application-centric Profiles (one application per Profile)
7. Define(s) a Job Role
8. Quality and efficiency of resources check
Key Controls:
KC-1 Audit Logging of Profile Changes
KC-2 Monitoring / Logging of Entitlement Reviews
KC-3 Review for Compliance with Construction Standards
KC-4 Segregation of Duties - Maker / Checker
KC-5 Approval of Authorized Signer(s) or Resource Owners(s)
KC-6 Periodic Review of Entitlements
KC-7 Documented Process or Procedure to Implement Standards
LIST OF APPROVERS:
1. Authorized signers of request
2. Manager approval
3. Resource owner
4. Role owner
5. LOB ISO
[Diagram: hierarchy of Job Function* > Job Roles* (ROLE 1, ROLE 2) > Profiles (APPLICATION 1 to APPLICATION 4) > Resources (OTRANS, DATA, SYSTEMS, PROCESSES). * Defined logically within Mainframe Environments]
[Chart: Current State; categories Valid, Obsolete, Redundant; values shown: 48, 293, 388]
Benefits of Profile Realignment
• Business benefits
– Reconfigured profiles have fewer entitlements and are logically grouped by application
– Enhanced definitions allow Business to understand what the profiles manage when reviewing and approving
– Reduced dependence on Single Point of Failure SMEs with profile configuration knowledge across business and Entitlement Administration
– Ownership of profile and entitlement definition is established at the business operation management level
• Technical benefits
– Dramatic reduction in the overall number of entitlements assigned to each user and role (i.e. decreased over 75% in some cases)
– Documentation of security processing and its relationship to Top Secret/RACF entitlements and application source code
– Systematic identification of obsolete business entitlements
• In current state User Group had 7 profiles with intermixed access to 9 applications and 681 entitlements.
• Post remediation, only 48 entitlements remain which are directly aligned to user role and associated application functions
www.axistechnologyllc.com
70 Federal Street
Boston, MA 02110
(857) 445-0110
15© Copyright 2012 Axis Technology, LLC

More Related Content

What's hot

Business Process Maturity and Centers of Excellence
Business Process Maturity and Centers of ExcellenceBusiness Process Maturity and Centers of Excellence
Business Process Maturity and Centers of Excellence
Sandy Kemsley
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
Gregor Polančič
 
It Service Management Implementation Overview
It Service Management Implementation OverviewIt Service Management Implementation Overview
It Service Management Implementation Overview
Alan McSweeney
 
GRC Fundamentals
GRC FundamentalsGRC Fundamentals
GRC Fundamentals
3Sixty Insights
 
IT Governance – The missing compass in a technology changing world
 IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
PECB
 
Pmbok 4th edition chapter 7 - Project Cost Management
Pmbok 4th edition   chapter 7 - Project Cost Management Pmbok 4th edition   chapter 7 - Project Cost Management
Pmbok 4th edition chapter 7 - Project Cost Management
Ahmad Maharma, PMP,RMP
 
Configuration Management Maturity
Configuration Management MaturityConfiguration Management Maturity
Configuration Management Maturity
Michaël Danys
 
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service StrategyIT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
NUS-ISS
 
HITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to knowHITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to know
➲ Stella Bridges
 
Asset management
Asset managementAsset management
Asset management
Syed Atif Naseem
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your Business
ForgeRock
 
IT-Governance.pptx
IT-Governance.pptxIT-Governance.pptx
IT-Governance.pptx
JayLloyd8
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
Mahesh Patwardhan
 
ITIL Incident Management Workflow - Process Guide
	 ITIL Incident Management Workflow - Process Guide	 ITIL Incident Management Workflow - Process Guide
ITIL Incident Management Workflow - Process Guide
Flevy.com Best Practices
 
How To Drive A Successful ServiceNow Implementation
How To Drive A Successful ServiceNow ImplementationHow To Drive A Successful ServiceNow Implementation
How To Drive A Successful ServiceNow Implementation
Aspire Systems
 
Creating Enterprise Value from Business Architecture
Creating Enterprise Value from Business ArchitectureCreating Enterprise Value from Business Architecture
Creating Enterprise Value from Business Architecture
iasaglobal
 
Project Management Professional (PMP)
Project Management Professional (PMP) Project Management Professional (PMP)
Project Management Professional (PMP)
Ahmad Maharma, PMP,RMP
 
The CFO Guide to Data with Deloitte & Workday
The CFO Guide to Data with Deloitte & WorkdayThe CFO Guide to Data with Deloitte & Workday
The CFO Guide to Data with Deloitte & Workday
Workday, Inc.
 
Establishing a Business Process Management Center of Excellence - Impact 2012
Establishing a Business Process Management Center of Excellence  - Impact 2012Establishing a Business Process Management Center of Excellence  - Impact 2012
Establishing a Business Process Management Center of Excellence - Impact 2012
Prolifics
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
kinjalmkothari92
 

What's hot (20)

Business Process Maturity and Centers of Excellence
Business Process Maturity and Centers of ExcellenceBusiness Process Maturity and Centers of Excellence
Business Process Maturity and Centers of Excellence
 
An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019An Introduction to IT Management with COBIT 2019
An Introduction to IT Management with COBIT 2019
 
It Service Management Implementation Overview
It Service Management Implementation OverviewIt Service Management Implementation Overview
It Service Management Implementation Overview
 
GRC Fundamentals
GRC FundamentalsGRC Fundamentals
GRC Fundamentals
 
IT Governance – The missing compass in a technology changing world
 IT Governance – The missing compass in a technology changing world IT Governance – The missing compass in a technology changing world
IT Governance – The missing compass in a technology changing world
 
Pmbok 4th edition chapter 7 - Project Cost Management
Pmbok 4th edition   chapter 7 - Project Cost Management Pmbok 4th edition   chapter 7 - Project Cost Management
Pmbok 4th edition chapter 7 - Project Cost Management
 
Configuration Management Maturity
Configuration Management MaturityConfiguration Management Maturity
Configuration Management Maturity
 
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service StrategyIT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
IT Portfolio Management Using Enterprise Architecture and ITIL® Service Strategy
 
HITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to knowHITRUST 101: All the basics you need to know
HITRUST 101: All the basics you need to know
 
Asset management
Asset managementAsset management
Asset management
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your Business
 
IT-Governance.pptx
IT-Governance.pptxIT-Governance.pptx
IT-Governance.pptx
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
 
ITIL Incident Management Workflow - Process Guide
	 ITIL Incident Management Workflow - Process Guide	 ITIL Incident Management Workflow - Process Guide
ITIL Incident Management Workflow - Process Guide
 
How To Drive A Successful ServiceNow Implementation
How To Drive A Successful ServiceNow ImplementationHow To Drive A Successful ServiceNow Implementation
How To Drive A Successful ServiceNow Implementation
 
Creating Enterprise Value from Business Architecture
Creating Enterprise Value from Business ArchitectureCreating Enterprise Value from Business Architecture
Creating Enterprise Value from Business Architecture
 
Project Management Professional (PMP)
Project Management Professional (PMP) Project Management Professional (PMP)
Project Management Professional (PMP)
 
The CFO Guide to Data with Deloitte & Workday
The CFO Guide to Data with Deloitte & WorkdayThe CFO Guide to Data with Deloitte & Workday
The CFO Guide to Data with Deloitte & Workday
 
Establishing a Business Process Management Center of Excellence - Impact 2012
Establishing a Business Process Management Center of Excellence  - Impact 2012Establishing a Business Process Management Center of Excellence  - Impact 2012
Establishing a Business Process Management Center of Excellence - Impact 2012
 
Steps in it audit
Steps in it auditSteps in it audit
Steps in it audit
 

Viewers also liked

Entitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperEntitlements Management Strategy-White Paper
Entitlements Management Strategy-White Paper
Axis Technology, LLC
 
Разговор про Java 9. Extended version
Разговор про Java 9. Extended versionРазговор про Java 9. Extended version
Разговор про Java 9. Extended version
Ivan Krylov
 
Adam boczek 2015 agile architecture in 10 steps v1.0
Adam boczek 2015 agile architecture in 10 steps v1.0Adam boczek 2015 agile architecture in 10 steps v1.0
Adam boczek 2015 agile architecture in 10 steps v1.0
iasaglobal
 
Why We Need Architects (and Architecture) on Agile Projects
Why We Need Architects (and Architecture) on Agile ProjectsWhy We Need Architects (and Architecture) on Agile Projects
Why We Need Architects (and Architecture) on Agile Projects
Rebecca Wirfs-Brock
 
Software architecture in an agile environment
Software architecture in an agile environmentSoftware architecture in an agile environment
Software architecture in an agile environment
Raffaele Garofalo
 
What to expect from Java 9
What to expect from Java 9What to expect from Java 9
What to expect from Java 9
Ivan Krylov
 
Clean architecture with ddd layering in php
Clean architecture with ddd layering in phpClean architecture with ddd layering in php
Clean architecture with ddd layering in php
Leonardo Proietti
 
Microcontrollers and embedded devices
Microcontrollers and embedded devicesMicrocontrollers and embedded devices
Microcontrollers and embedded devices
Neven Boyanov
 
Structured Approach to Solution Architecture
Structured Approach to Solution ArchitectureStructured Approach to Solution Architecture
Structured Approach to Solution Architecture
Alan McSweeney
 

Viewers also liked (9)

Entitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperEntitlements Management Strategy-White Paper
Entitlements Management Strategy-White Paper
 
Разговор про Java 9. Extended version
Разговор про Java 9. Extended versionРазговор про Java 9. Extended version
Разговор про Java 9. Extended version
 
Adam boczek 2015 agile architecture in 10 steps v1.0
Adam boczek 2015 agile architecture in 10 steps v1.0Adam boczek 2015 agile architecture in 10 steps v1.0
Adam boczek 2015 agile architecture in 10 steps v1.0
 
Why We Need Architects (and Architecture) on Agile Projects
Why We Need Architects (and Architecture) on Agile ProjectsWhy We Need Architects (and Architecture) on Agile Projects
Why We Need Architects (and Architecture) on Agile Projects
 
Software architecture in an agile environment
Software architecture in an agile environmentSoftware architecture in an agile environment
Software architecture in an agile environment
 
What to expect from Java 9
What to expect from Java 9What to expect from Java 9
What to expect from Java 9
 
Clean architecture with ddd layering in php
Clean architecture with ddd layering in phpClean architecture with ddd layering in php
Clean architecture with ddd layering in php
 
Microcontrollers and embedded devices
Microcontrollers and embedded devicesMicrocontrollers and embedded devices
Microcontrollers and embedded devices
 
Structured Approach to Solution Architecture
Structured Approach to Solution ArchitectureStructured Approach to Solution Architecture
Structured Approach to Solution Architecture
 

Similar to Entitlement and Access Manegement

Axis Consulting Case Studies
Axis Consulting Case StudiesAxis Consulting Case Studies
Axis Consulting Case Studies
Axis Technology, LLC
 
Case Studies
Case StudiesCase Studies
Case Studies
Axis Technology
 
Con8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controlsCon8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controls
Oracle
 
Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...
Oracle
 
Resume - Phillip E Lucier 20150111
Resume - Phillip E  Lucier 20150111Resume - Phillip E  Lucier 20150111
Resume - Phillip E Lucier 20150111
Phillip Lucier
 
Enterprise Architecture
Enterprise Architecture Enterprise Architecture
Enterprise Architecture
Axis Technology, LLC
 
ARCHIBUS White Paper - Creating an IWMS Implementation Plan
ARCHIBUS White Paper - Creating an IWMS Implementation PlanARCHIBUS White Paper - Creating an IWMS Implementation Plan
ARCHIBUS White Paper - Creating an IWMS Implementation Plan
Michael Willette
 
Resume John Tzanetakis
Resume John TzanetakisResume John Tzanetakis
Resume John Tzanetakis
John Tzanetakis
 
Ramachandra (1)
Ramachandra (1)Ramachandra (1)
Ramachandra (1)
ramachandra chapati
 
Operational Model Design
Operational Model DesignOperational Model Design
Operational Model Design
Flexera
 
Jagadeesh_Resume_5 + Years
Jagadeesh_Resume_5 + YearsJagadeesh_Resume_5 + Years
Jagadeesh_Resume_5 + Years
jagadeeshbabu rangu
 
CDGRES201602
CDGRES201602CDGRES201602
CDGRES201602
Cedric Green, Sr.
 
jgordonres112015
jgordonres112015jgordonres112015
jgordonres112015
Juedienne Gordon
 
Quick Start Advantage
Quick Start AdvantageQuick Start Advantage
Quick Start Advantage
David Coleman
 
Alexander Rhea Resume
Alexander Rhea ResumeAlexander Rhea Resume
Alexander Rhea Resume
Alex Rhea
 
Corebanking transformation – a wining formula
Corebanking transformation – a wining formulaCorebanking transformation – a wining formula
Corebanking transformation – a wining formula
Supratik Nag
 
madvel_QA
madvel_QAmadvel_QA
madvel_QA
Madhuri Veldanda
 
Williams Joseph resume
Williams Joseph resumeWilliams Joseph resume
Williams Joseph resume
Ron Williams
 
Lakshmi_Reddy_Resume
Lakshmi_Reddy_ResumeLakshmi_Reddy_Resume
Lakshmi_Reddy_Resume
Lakshmi Reddy
 
Segregation of Duties Solutions
Segregation of Duties SolutionsSegregation of Duties Solutions
Segregation of Duties Solutions
Ahmed Abdul Hamed
 

Similar to Entitlement and Access Manegement (20)

Axis Consulting Case Studies
Axis Consulting Case StudiesAxis Consulting Case Studies
Axis Consulting Case Studies
 
Case Studies
Case StudiesCase Studies
Case Studies
 
Con8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controlsCon8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controls
 
Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...
 
Resume - Phillip E Lucier 20150111
Resume - Phillip E  Lucier 20150111Resume - Phillip E  Lucier 20150111
Resume - Phillip E Lucier 20150111
 
Enterprise Architecture
Enterprise Architecture Enterprise Architecture
Enterprise Architecture
 
ARCHIBUS White Paper - Creating an IWMS Implementation Plan
ARCHIBUS White Paper - Creating an IWMS Implementation PlanARCHIBUS White Paper - Creating an IWMS Implementation Plan
ARCHIBUS White Paper - Creating an IWMS Implementation Plan
 
Resume John Tzanetakis
Resume John TzanetakisResume John Tzanetakis
Resume John Tzanetakis
 
Ramachandra (1)
Ramachandra (1)Ramachandra (1)
Ramachandra (1)
 
Operational Model Design
Operational Model DesignOperational Model Design
Operational Model Design
 
Jagadeesh_Resume_5 + Years
Jagadeesh_Resume_5 + YearsJagadeesh_Resume_5 + Years
Jagadeesh_Resume_5 + Years
 
CDGRES201602
CDGRES201602CDGRES201602
CDGRES201602
 
jgordonres112015
jgordonres112015jgordonres112015
jgordonres112015
 
Quick Start Advantage
Quick Start AdvantageQuick Start Advantage
Quick Start Advantage
 
Alexander Rhea Resume
Alexander Rhea ResumeAlexander Rhea Resume
Alexander Rhea Resume
 
Corebanking transformation – a wining formula
Corebanking transformation – a wining formulaCorebanking transformation – a wining formula
Corebanking transformation – a wining formula
 
madvel_QA
madvel_QAmadvel_QA
madvel_QA
 
Williams Joseph resume
Williams Joseph resumeWilliams Joseph resume
Williams Joseph resume
 
Lakshmi_Reddy_Resume
Lakshmi_Reddy_ResumeLakshmi_Reddy_Resume
Lakshmi_Reddy_Resume
 
Segregation of Duties Solutions
Segregation of Duties SolutionsSegregation of Duties Solutions
Segregation of Duties Solutions
 

Entitlement and Access Management

  • 1. Entitlements and Access Management © Copyright 2012 Axis Technology, LLC
  • 2. Entitlement and Access Management
    Regulatory control functions, such as Operational Risk, Compliance and Audit, increasingly raise questions around the scope, management, and clarity of entitlements within distributed and mainframe application environments.
      • Entitlements are used to determine what a user is allowed to do once they are in a network or application.
      • Often implemented as a shared service within specific technology stacks.
      • Typically includes a query-able metadata repository for Compliance, Management, Auditing and Reporting.
      • Entitlement Management tools externalize and centralize fine-grained authorization policies for enterprise applications, web services, and data.
    Entitlement management can be used to strengthen the security of Web services, Web applications, legacy applications, documents and files, and physical security systems.
    Implementation of a metric-driven policy that is consistent across all applications is becoming more important in the face of regulatory pressures from Sarbanes-Oxley, HIPAA, PCI and the like.
    Enterprise Entitlement Solutions typically include separate mainframe, application-specific and LDAP-based solutions.
  • 3. Regulatory Change
      • Requirements for improved Entitlement Management capabilities are increasing due to challenges with legacy processes and changed regulation.
      • Regulators and Auditors are focusing on legacy controls and processes put in place in response to SOX and GLBA that are under renewed scrutiny due to regulatory focus.
      • Significant operational and reputational risk exposure with entitlements that do not conform to security policies, regulations, and/or best practices.
      • Typical entitlement systems do not provide business friendly information for required management reviews of user access.
  • 4. Entitlement Management - Approach
    Phases: Analyze Current State, Determine Target State Options, Design Implementation Plan, Execute Plan
    Work with security administration, business teams and application owners to:
      • Identify the applications in scope and their responsible business and technology organizations
      • Document current state of users' profiles and entitlements grouped by organizations:
        – Inventory of the existing job functions, profile details and corresponding entitlements.
        – Determine overlap and uniqueness of resource entitlements across groups.
      • Work with security administration teams to analyze existing entitlements to determine the applications associated with job roles and functional usage of each entitlement
      • Validate understanding of existing entitlements and determine their alignment to existing business roles and the applications used to carry out business function.
      • Document gaps within existing Entitlements Management structure
    Deliverables:
      • Inventory of Entitlement Types, Processes and Categories
      • Remediation criteria and functional requirements
      • Development of remediation rules and approach for each category
    Benefits:
      • Provides a comprehensive understanding of the types of entitlements in the environments (unreferenced, obsolete, valid, override)
      • Creates understanding of current state Entitlement Management processes
  • 5. Entitlement Management - Approach
    Phases: Analyze Current State, Determine Target State Options, Design Implementation Plan, Execute Plan
      • Work with application and business management to recommend valid target job role definitions with associated business functions and required resource entitlements.
        – Establish existing business role definitions and entitlements expected for each role.
        – Align functional groupings of entitlements into corresponding Job Roles.
      • Recommend possible cleanup of obsolete, redundant and unused entitlements
      • Rationalize Entitlement usage within the existing user base by recommending enhanced descriptions and definitions of roles, profiles and entitlements in a way that clearly:
        – Shows what a user's entitlements are,
        – Shows that a user does not have more entitlements than they need,
        – Allows reviewers to understand what entitlements are being granted and identify any potential conflicting entitlements
    Deliverables:
      • Documenting procedures for the remediation of entitlements by category
      • Analyzing business and technical impact
      • Reviewing and documenting end-to-end remediation process
    Benefits:
      • Remediation steps are designed at a holistic level to ensure that impacts are minimized and efficiencies are realized.
  • 6. Entitlement Management - Approach
    Phases: Analyze Current State, Determine Target State Options, Design Implementation Plan, Execute Plan
    Determine Implementation Options and Target Design for Entitlements Provisioning:
      • Map profiles and entitlements between Current and Target State.
        – Develop design options for entitlements provisioning based upon target state role definitions.
        – Identify procedures for migration of existing entitlements to target entitlements.
        – Identify potential and implied impacts, business and technical support dependencies and rank conversion procedures based upon risk and effort estimates.
      • Select design direction and create high-level design documentation.
      • Develop implementation plan for required provisioning components.
        – Develop new compliance and control process and procedures to ensure the integrity of the implemented solutions going forward.
        – Coordinate provisioning component definition and options selection.
    Deliverables:
      • Implementation
      • Communication plan
      • Selection of Pilot remediation activities
    Benefits:
      • Milestone based plan to ensure effective communication and awareness.
  • 7. Entitlement Management - Approach
    Phases: Analyze Current State, Determine Target State Options, Design Implementation Plan, Execute Plan
      • Coordinate implementation efforts with administrative and operation groups that carry out the transition from current to target state:
        – Review of risk mitigation strategies and back out procedures
        – Phased rollout strategies
        – SLAs, points of contact, escalation procedures and progress reporting strategies
      • Phased rollout of the Target State implementation:
        – Initial Pilot Implementation (with learning used to adjust implementation plan)
        – Multi-phase rollout across business units and divisions with validation, progress reports and implementation plan adjustments based on outcomes and learning
      • Post Implementation review:
        – Implementation result assessments
        – Learning and inputs to future Integrity Maintenance
    Deliverables:
      • Remediation of selected entitlement scenarios
      • Revising process documentation and plans including lessons learned and post remediation audit steps
    Benefits:
      • Piloting allows for the process and effort assumptions to be validated and improved prior to full engagement
  • 8. Entitlement Management - Expertise
      • Technical
        – Comprehensive understanding of the existing entitlement management frameworks and their implementations.
        – Technical knowledge required to extract entitlement sources and verify entitlement usage.
      • Analytical
        – Analyze current state and its integration with the Enterprise Entitlement strategy.
        – Technical and business SME and stakeholder interactions:
          • Business Operations
          • Entitlement Administration
          • Compliance
          • Audit
          • Application Development
          • Information Security Officers
        – Articulate the rules that will need to be enforced to secure the solution and align with business functions.
        – Identification of control gaps in accordance with security and audit compliance policies and standards.
        – Identification of business and technical conversion impacts and risks.
      • Implementation
        – Modification of Control routines based on the analysis.
        – Clean up and realignment of the existing entitlements configurations
        – Review and development of new procedures and processes around the provisioning process that implement and check these new rules so that the integrity of the solutions will be maintained going forward.
  • 9. Entitlement Management Case Study
  • 10. Mainframe Entitlement Remediation
      • Project Drivers stem from audit findings related to access management including:
        – General presence of excessive entitlements across the enterprise due to the complexity of User IDs, roles and profiles
        – Poor quality of manager entitlement reviews due to awareness, information availability and process gaps
        – Lack of a risk based scoring process and approach to the management of entitlements
      • Within Mainframe environments, issues manifest themselves by:
        – Overly complex IDs and profiles that include obsolete and extinct entitlements
        – Improper toxic combinations and excessive entitlements within and across assigned profiles
        – Weak or non-existent definitions of entitlements and profiles designating functionality and/or usage
        – Inconsistent functional implementations of RACF & Top Secret that have become institutionalized within LOBs
        – Deficiencies in the procedures to manage and maintain the integrity of user access controls and entitlements
        – Complex entitlement provisioning being understood by a limited number of individuals
      • Remediation is hampered by legacy mainframe technology constraints:
        – Lack of formal Role Based Access Control (RBAC)
        – Mainframe entitlements structures that do not allow for people to define their usage
        – Legacy custom developed methods that extend entitlement capabilities
        – Unique access controls embedded within application code leading to additional layers of management complexity
  • 11. Stakeholder Integration
    This effort was a key part of multiple Access Management Audit Response workstreams that required Axis to create strong integration among multiple constituents.
      • The goal is to remediate roles and profiles so that managers performing entitlement reviews understand what they are reviewing and can ensure that the entitlements are appropriate
      • The Axis Project Team brought together key stakeholders to interface and cooperate to effect the changes
    [Diagram labels: Business/User; Entitlement Administration; Axis Project Team; Profiles, Roles, IDs; Definitions & Realignment; Processes & Entitlement Management; Quality Assurance & Data Integrity; Interpret and transform; Implements; Functional Knowledge]
  • 12. Current State Analysis Artifacts
      • The complexity of the current state environment was captured through Axis analysis artifacts that allowed for consistent comparison of existing capabilities for gaps, overlaps and critical requirements
      • Risk prioritization and impact analysis of potential solutions provided objective measures for identifying target solutions and the activities required to achieve the biggest benefit
  • 13. Target State Analysis Artifacts
      • The target state model simplifies understanding and effectiveness of Role Based Entitlements
      • Gap Analysis of Processes and Controls leads to identification and implementation of changes that improve long term ownership and maintenance of Entitlements
    [Diagram: Profile Provisioning Construction and Review Procedures, Process Flow Diagram - TARGET. Legend: Key Controls, New Key Controls Added]
    Key Controls:
      – KC-1 Audit Logging of Profile Changes
      – KC-2 Monitoring / Logging of Entitlement Reviews
      – KC-3 Review for Compliance with Construction Standards
      – KC-4 Segregation of Duties - Maker / Checker
      – KC-5 Approval of Authorized Signer(s) or Resource Owners(s)
      – KC-6 Periodic Review of Entitlements
      – KC-7 Documented Process or Procedure to Implement Standards
    RULES CHECK:
      1. Number of Mode Profiles
      2. Authorized signers and Managers
      3. Submitter cannot be approver
      4. No toxic combinations
      5. Glossary naming convention
      6. Enforce Application-centric Profiles (one application per Profile)
      7. Define(s) a Job Role
      8. Quality and efficiency of resources check
    LIST OF APPROVERS (All):
      1. Authorized signers of request
      2. Manager approval
      3. Resource owner
      4. Role owner
      5. LOB ISO
    COMPLIANCE WITH STANDARDS, PROCESSES & PROCEDURES:
      1. Profile Provisioning & Compliance Process
      2. …el to a UserID Process
      3. Data Warehouse Feed Synchronization Process
      4. Profile Reconfiguration Process
      5. Database Refresh Process into Change Management
      6. Periodic Process to Maintain Clean-up Rules for Top Secret
      7. Operator Role Selection Procedure
      8. System/Application Level Logging & Auditing Procedure
      9. Profile Review Procedure
      10. Separation of Duties Procedure
      11. IAM Top Secret Procedure
      12. UserIDs Determination and Activation Procedure
    [Diagram: entitlement hierarchy. User ID; Job Function*; Job Roles* (ROLE 1, ROLE 2); Profiles (APPLICATION 1 to APPLICATION 4); Resources (OTRANS, DATA, SYSTEMS, PROCESSES). * Defined logically within Mainframe Environments]
  • 14. Benefits of Profile Realignment
    [Chart: Current State entitlements by category. Labels: Valid, Obsolete, Redundant; values shown: 48, 293, 388]
    Business benefits
      • Reconfigured profiles have fewer entitlements and are logically grouped by application
      • Enhanced definitions allow Business to understand what the profiles manage when reviewing and approving
      • Reduced dependence on Single Point of Failure SMEs with profile configuration knowledge across business and Entitlement Administration
      • Ownership of profile and entitlement definition is established at the business operation management level
    Technical benefits
      • Dramatic reduction in the overall number of entitlements assigned to each user and role (i.e. decreased over 75% in some cases)
      • Documentation of security processing and its relationship to Top Secret / RACF entitlements and application source code
      • Systematic identification of obsolete business entitlements
    Example
      • In current state, User Group had 7 profiles with intermixed access to 9 applications and 681 entitlements. Post remediation, only 48 entitlements remain, which are directly aligned to user role and associated application functions
  • 15. www.axistechnologyllc.com, 70 Federal Street, Boston, MA 02110, (857) 445-0110
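
The RULES CHECK and LIST OF APPROVERS boxes on slide 13 can be enforced as an automated gate on every profile change request. The Python below is an added example, not Axis Technology's tooling or code from the slides; the naming pattern, toxic pairs, approver keys, field names and sample requests are constructed assumptions, and rules 1 and 8 are omitted because the slide does not define them.

```python
"""Gate for profile change requests, modelled on the slide 13 RULES CHECK."""
import re
from dataclasses import dataclass, field

# --- Constructed policy data (assumptions, not taken from the slides) -------
TOXIC_COMBINATIONS = [
    frozenset({"PAYMENT.CREATE", "PAYMENT.APPROVE"}),
    frozenset({"USER.ADMIN", "AUDITLOG.PURGE"}),
]
# Hypothetical keys for the five approvers the slide lists.
REQUIRED_APPROVERS = {"authorized_signer", "manager", "resource_owner",
                      "role_owner", "lob_iso"}
# Assumed glossary convention: <APP>-<FUNCTION>-<ACCESS LEVEL>
PROFILE_NAME_RE = re.compile(r"^[A-Z]{3,8}-[A-Z0-9]{2,12}-(RO|RW|ADM)$")


@dataclass(frozen=True)
class Entitlement:
    resource: str      # e.g. "PAYMENT.APPROVE"
    application: str   # application that owns the resource


@dataclass
class ProfileRequest:
    profile_name: str
    job_role: str
    submitter: str
    entitlements: list
    approvals: dict = field(default_factory=dict)  # approver key -> user ID


def check_profile_request(req):
    """Return (rule, message) violations in rule order; [] means the request passes."""
    violations = []

    # Rule 3 / KC-4: maker and checker must differ (user IDs compared case-insensitively).
    for key, user in sorted(req.approvals.items()):
        if user.casefold() == req.submitter.casefold():
            violations.append(("submitter-not-approver",
                               f"{user} submitted the request and approved it as {key}"))

    # Rule 2 / KC-5: every approver on the list must have signed.
    missing = sorted(REQUIRED_APPROVERS - set(req.approvals))
    if missing:
        violations.append(("approvers", "missing approval from: " + ", ".join(missing)))

    # Rule 4: no toxic combination may sit inside one profile.
    held = {e.resource for e in req.entitlements}
    for combo in TOXIC_COMBINATIONS:
        if combo <= held:
            violations.append(("toxic-combination", " + ".join(sorted(combo))))

    # Rule 5: glossary naming convention.
    if not PROFILE_NAME_RE.match(req.profile_name):
        violations.append(("naming-convention",
                           f"profile name {req.profile_name!r} does not match the glossary pattern"))

    # Rule 6: application-centric profiles (exactly one application per profile).
    apps = sorted({e.application for e in req.entitlements})
    if len(apps) != 1:
        violations.append(("one-application-per-profile",
                           "applications referenced: " + (", ".join(apps) or "none")))

    # Rule 7: the profile must define a job role.
    if not req.job_role.strip():
        violations.append(("job-role", "no job role defined for the profile"))

    return violations


# --- Constructed sample requests --------------------------------------------
SAMPLE_GOOD = ProfileRequest(
    profile_name="PAYHUB-APPROVER-RW", job_role="Payments Approver", submitter="jdoe01",
    entitlements=[Entitlement("PAYMENT.APPROVE", "PAYHUB"), Entitlement("PAYMENT.VIEW", "PAYHUB")],
    approvals={"authorized_signer": "asmith2", "manager": "mlee03",
               "resource_owner": "rkhan4", "role_owner": "tng05", "lob_iso": "iso06"},
)
SAMPLE_BAD = ProfileRequest(
    profile_name="pay stuff", job_role="", submitter="jdoe01",
    entitlements=[Entitlement("PAYMENT.CREATE", "PAYHUB"), Entitlement("PAYMENT.APPROVE", "PAYHUB"),
                  Entitlement("GL.POST", "LEDGER")],
    approvals={"manager": "JDOE01", "authorized_signer": "asmith2"},
)

if __name__ == "__main__":
    for name, req in (("good", SAMPLE_GOOD), ("bad", SAMPLE_BAD)):
        print(name, check_profile_request(req))
```

Logging each returned violation alongside the request gives the audit trail that KC-1 and KC-3 call for.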