This is a past event. Registration is closed. View other The Institute of internal Auditors Philippines, Inc. events.

Focus and Features

Provide insight into what Identity and Access Management (IAM) means to an organization and a process to determine internal audit areas for investigation.


Course Objective


At the end of the Course, the participants shall be able to:

  • Have an understanding of the identity access management drivers, concepts and risks
  • Knowledge on the definition of key concept used in analyzing, and monitoring organization's IAM processes
  • Learn the role of internal auditors and develop an IAM audit approach to examine the identity and access management processes that exist within the organization.
  • Attain the appropriate competencies required by the IPPF and mapped with The IIA GCF


What You Will Learn

Introduction

Business Drivers

  • Improved Regulatory Compliance
  • Reduced Information Security Risk
  • Reduced IT Operating and Development Costs
  • Improved Operating Efficiencies and Transparency
  • Improved User Satisfaction
  • Increased Effectiveness of Key Business Initiatives


Identity and Access Management Concepts


Adoption Risks


Definition of Key Concepts

Identity Management vs. Entitlement Management

  • Identity and Access Management Process
  • Entitlement Management

Identity and Access Management Components

  • Identity Types
  • Onboarding
  • Offboarding

Access Rights and Entitlements

  • Identity Access or Entitlement Changes
  • Granting Access Rights to Privileged Accounts
  • Segregation of duties

Provisioning Process

  • Access Request
  • Approval
  • Propagation and Identity Creation
  • Communication
  • Logging

Administration of Identities and Access Rights Process

  • Periodic Audit and Reconciliation of Identities and Entitlements
  • Policy Statement Administration
  • IAM Strategy
  • IAM System Administration
  • End-user Password Administration
  • Storage and Handling Considerations
  • Reporting


Enforcement Process

  • Authentication and Authorization
  • Logging


Use of Technology in IAM

  • What Types of Technology Exist?
  • Pros and Cons of Technology Use
  • How Is the Technology Used?
  • Additional Concepts


The Role of Internal Auditors

Current IAM Processes

  • Business Architecture
  • Policies
  • Laws, Regulations, and Mandates
  • Budget
  • Timeline
  • Business Requirements


Auditing IAM

  • Evaluation of IAM
  • Evaluating Entitlement Management
  • Approach to examine IAM process within the organization


Audit Activity

  • Simulation of auditing IAM through auditing exercises and examples


Who Should Attend

This is a course offered is ideal for all auditors





Location

See route

Contact us

For additional event or venue information, please email training@iia-p.orgYou can also reach us at +63 79409551

Sponsors and Partners