Many companies are subject to strict regulatory requirements.
The topic of access management is important in almost all requirements.
To ensure that these requirements are met, companies must be audited externally or by their own auditors!
Here it is helpful to present targeted Audit analyses in order to be able to fulfil a fast data delivery within the scope of an audit and thus to be able to prove compliance with the right requirements.
In order to be able to meet the goals and requirements of access management, technical support is advantageous, but the purchase of a tool alone is not sufficient. Added to this is the complexity of access management:
In addition to complexity, further problem areas arise
Our partner KMPG has to deal with a number of
errors and problems during external or internal audits, for example:
- Intransparency of the assigned or required authorizations (e.g. missing reporting options or quality of the authorization descriptions)
- Intransparency on “legalizations” (applications / releases not comprehensible
- Overrights (e.g. “trainee effect” or in relation to privileged accounts)
- No periodic quality assurance (“recertification”)
- Lack of acceptance of responsibility
- Failure and waiting times for IT systems
- Dealing with www authorizations (e.g. regarding information owners, entry in CMDB)
- Overloading of the service desk due to increasing diversity of the application landscape and the repetitive standard queries
- Overview of external employees/service providers and their access to company data not available/incomplete
- Authorizations not organized according to business functions, no role model available
Together with our partner KMPG, we have compiled a free white paper which shows how these regulatory requirements have been implemented and helps you to cope with the complexity of access management and compliance, security and efficiency. Here you can download it for free.