GTAG 9 - Identity and Access Management
Identity and access management (IAM) is a cross-functional process that helps organizations to manage who has access to what information over a period of time. Poor or loosely controlled IAM processes may lead to organizational regulatory noncompliance and an inability to determine whether company data is being misused.
CAEs should be involved in the development of the organization's IAM strategy as well as evaluate the implementation of the strategy and effectiveness of companywide access controls. The purpose of this GTAG is to provide insight into what IAM means to an organization and to suggest internal audit areas for investigation. It can assist CAEs and other internal auditors to understand, analyze, and monitor their organization's IAM processes. A checklist for IAM review is also included in this guide

IPPF

GTAG 9 - Identity and Access Management
Ti potrebbe interessare anche....
KNOWLEDGE
Digitalizzare l’Audit, auditare il digitale: evoluzione della Professione tra sfide e opportunità
KNOWLEDGE
KNOWLEDGE
REPORT ON THE STANDARD-SETTING AND PUBBLIC COMMENT PROCESSES FOR THE GLOBAL INTERNAL AUDIT STANDARDS
KNOWLEDGE
KNOWLEDGE
KNOWLEDGE