<a J�rg Asma, KPMG
- Compliant Identity Management 360�06.05.2009 14:00-15:00
- Compliant Identity Management 360�Compliant Identity Management today is an imperative for companies that successfully need to address and resolve business risks and regulations as well as IT related user and authorization management. In order to combine the business with the technical world a common nominator and language can be defined and a milestone in providing a combined solution is reached. This session is intended to give you a comprehensive view on the market of answers and solutions to Compliant Identity…Creating Value with an integrated Identity, Service & License Management Solution“Classical” Identity Management is just one part of a solution to provide a better integrated and easier to use infrastructure to the business. The presentation will show the current status, the steps and the vision of the ECCO project to provide self service IAM and to go beyond identity management and manage most parts of the infrastructure in a very intuitive and effective way. This also includes managing other IT assets like PCs and License Management.
- Lessons that GRC and IAM could learn from ITIL – and where ITIL helps in defining IAM06.05.2009 15:00-16:00
- Lessons that GRC and IAM could learn from ITIL – and where ITIL helps in defining IAMEven while ITIL v3 integrates a little bit of access management, the siloes of ITIL, IAM, and GRC are well isolated in most organizations. On the other hand, and approach which understands Identity as a Services is mandatory. These services should be defined using the methodologies of ITIL and, if applicable, follow the defined ITIL best practices. Beyond that, the definition of any Application Security Infrastructure requires the definition of services. ITIL and its methodologies can…Is the IAM Focus of Today�s GRC Platforms Sufficient?Most of today’s GRC platforms focus on IAM aspects, mainly access control. Attestation capabilities are focused on the access controls, authorization management is as well, as are the SoD rules. But there is more in GRC. “Classical” security aspects including the management of security events, business continuity, license compliance, and so on – all these areas have to be covered from a Governance, Risk Management, and Compliance perspective. There is no doubt about…
- The Introduction of IAM in a Phased, Controlled and Financially Justifiable Manner06.05.2009 16:30-17:30
- The Introduction of IAM in a Phased, Controlled and Financially Justifiable MannerCZ Actief in Gezondheid proves that implementing IAM is not so much different from any other project. Common sense, a pragmatic and phased approach, and a tool to support this process in everyone of its phases, has led to a substantial improvement of access right provisioning and deprovisioning, to a high responsiveness to internal and external audits, and to real savings. Han Tanis, management sponsor of the IAM project at CZ, explains how the combination of the right level of management…Key to Success � a Phase Approach to Identity and Access ManagementThe Company – Bayer Group & Bayer HealthCare Business drivers for IAM Success factors Used Tools / Role Concept