Managing Risk for Effective Access Governance

Financial organizations must effectively manage a broad array of potentially damaging events caused or made possible by inadequate governance of user access to an enterprise's information assets. Such events range from policy and compliance violations of various regulations and measures, such as the Sarbanes-Oxley Act (SOX), the Gramm-Leach-Bliley (GLB) Act, Basel II/Solvency II capital-adequacy requirements and various privacy regulations, to disastrous business losses.

The governance and risk management initiatives within these organizations face significant challenges in managing user access across a multitude of disparate systems and data assets, while dealing with user roles that change constantly due to mergers, acquisitions, reorganizations, divestitures, transfers, and the on-boarding and off-boarding of employees.

The potential cost to the business is virtually unlimited:

Lost revenue and increased expense
Damage to customer relationships
Loss of corporate brand and reputation

This paper, citing various industry sources, discusses the consequences of unacceptable levels of risk and presents the six principles that must be implemented to effectively monitor, manage, and mitigate access-related risk to ensure that financial organizations can satisfy compliance regulations and protect the business.
