Download to read offline
Governance Model - Slide Show
- 1. W E DN E S D A Y , N O V E M B E R 2 0 , 2 0 1 3 Access Rights Review
- 2. 5/19/2016 Governance Model 1 Purpose The Need SharedOwnership Key Elements Audit Team Department Reviews New Access Management Policy Access Rights Review Process Schedule (up to Pilot, after Pilot) Schedule A – Periodic Reviews 11/20/2013
- 3. Create a reliableand consistent corporate model to identify and evaluate user access rights that is…. Purpose 11/20/2013 In compliance with the security and risk management process. 2
- 4. The Need 11/20/2013 1 • Responseto internal and external Audits 2 • Culture of compliance – “it’s the right thing to do” 3 • Enforce the Principle of “least privilege” 4 • Identify access and permissions to MeM systems 5 • Detect inappropriate access to MeM systems 6 • Correct inaccuracy access thus reducing risk for the organization 3
- 5. Shared Ownership 11/20/2013 Re sp o n s i b i l i t yOwn ers h ipAu th ority EXECUTIVE TEAM INITIATIVE FINANCE PROCESS IS OPERATIONS DATA BUSINESS UNITS 4
- 6. Key Elements 11/20/2013 Coordinate/ Conduct Process Review & Approve Schedule Approve Reports Approve Process Coordinate Kickoff Review Findings Integrate Corporate Policies(3) Schedule Identify Systems to Review Determine Periodic Reviews Determine Start/End Dates Determine Data Owner Get Schedule Approval Reports Identify Reports Determine Report Data Determine Report Format Determine Delivery Method Get Report Approval Pilot Determine Process Select System to Pilot Perform Process Review/ Fine-Tune Process Get Process Approval 5
- 7. Audit Team 11/20/2013 Audit Team Finance (Controller or ExternalAuditor) Compliance (Compliance Manager) 6
- 8.
- 9. 11/20/2013 New Access ManagementPolicy 8
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.