Focus and Features

Provide insight into what Identity and Access Management (IAM) means to an organization and a process to determine internal audit areas for investigation.


Course Objective


At the end of the Course, the participants shall be able to:

  • Have an understanding of the identity access management drivers, concepts and risks
  • Knowledge on the definition of key concept used in analyzing, and monitoring organization's IAM processes
  • Learn the role of internal auditors and develop an IAM audit approach to examine the identity and access management processes that exist within the organization.
  • Attain the appropriate competencies required by the IPPF and mapped with The IIA GCF


What You Will Learn

Introduction

Business Drivers

  • Improved Regulatory Compliance
  • Reduced Information Security Risk
  • Reduced IT Operating and Development Costs
  • Improved Operating Efficiencies and Transparency
  • Improved User Satisfaction
  • Increased Effectiveness of Key Business Initiatives


Identity and Access Management Concepts


Adoption Risks


Definition of Key Concepts

Identity Management vs. Entitlement Management

  • Identity and Access Management Process
  • Entitlement Management

Identity and Access Management Components

  • Identity Types
  • Onboarding
  • Offboarding


Access Rights and Entitlements

  • Identity Access or Entitlement Changes
  • Granting Access Rights to Privileged Accounts
  • Segregation of duties

Provisioning Process

  • Access Request
  • Approval
  • Propagation and Identity Creation
  • Communication
  • Logging

Administration of Identities and Access Rights Process

  • Periodic Audit and Reconciliation of Identities and Entitlements
  • Policy Statement Administration
  • IAM Strategy
  • IAM System Administration
  • End-user Password Administration
  • Storage and Handling Considerations
  • Reporting

Enforcement Process

  • Authentication and Authorization
  • Logging


Use of Technology in IAM

  • What Types of Technology Exist?
  • Pros and Cons of Technology Use
  • How Is the Technology Used?
  • Additional Concepts


The Role of Internal Auditors

Current IAM Processes

  • Business Architecture
  • Policies
  • Laws, Regulations, and Mandates
  • Budget
  • Timeline
  • Business Requirements


Auditing IAM

  • Evaluation of IAM
  • Evaluating Entitlement Management
  • Approach to examine IAM process within the organization


Audit Activity

  • Simulation of auditing IAM through auditing exercises and examples


Who Should Attend

This is a course offered is ideal for all auditors



CANCELLATION POLICIES


1. Cancellations received less than 3days prior to the event will be charged a cancellation fee, which is 50% of the registration fee. Cancellation in zoom registration does not mean you are cancelling your registration in our seminar, please send us an official email.


2. No-show registrants will be charged 50% of the registration fee.


3. Substitutions are allowed on two conditions:

• The event/training should be the same.

• The membership status should also be the same, if the other participant is a non-member, he/she must pay the difference.

Location

Virtual set-up/via Zoom

See route

Contact us

For additional event or venue information, please send an email to training@iia-p.org

Sponsors and Partners