This presentation will review the Access Management process and how rights are granted, changed, revoked and monitored in an organization.
Common to security and many regulations is the need to limit access to critical IT services. Not only must initial work be done but the resulting process must be efficient and effective in order to be sustainable.This presentation will review the Access Management process and how rights are granted, changed, revoked and monitored in an organization.The presentation will draw on best practices from ITIL v3, COBIT and the author’s experiences in internal audit and information security.
Areas Covered in the seminar:
- Background of the need for access controls.
- The benefits of role based security.
- Considerations for managing new accounts, changes to accounts and revocation of access.
- Detective controls interfaced to HR and Payroll.
- How to reaccredit accounts.
Who will benefit:
- IT operations and support staffs as well as compliance
- Audit and information security personnel who are looking for best practices relating to Access Management
Instructor Profile:
George Spafford, is a Principal Consultant with Pepperweed and an experienced practitioner in business and IT operations. He is a prolific author and speaker, and has consulted and conducted training on regulatory compliance, IT Governance, and process improvement in the U.S., Australia, New Zealand and China. Publications include co-authorship of
