Focus and Features

Provide insight into what Identity and Access Management (IAM) means to an organization and a process to determine internal audit areas for investigation.

Course Objective

At the end of the Course, the participants shall be able to:

  • Have an understanding of the identity access management drivers, concepts and risks
  • Knowledge on the definition of key concept used in analyzing, and monitoring organization's IAM processes
  • Learn the role of internal auditors and develop an IAM audit approach to examine the identity and access management processes that exist within the organization.
  • Attain the appropriate competencies required by the IPPF and mapped with The IIA GCF

What You Will Learn


Business Drivers

  • Improved Regulatory Compliance
  • Reduced Information Security Risk
  • Reduced IT Operating and Development Costs
  • Improved Operating Efficiencies and Transparency
  • Improved User Satisfaction
  • Increased Effectiveness of Key Business Initiatives

Identity and Access Management Concepts

Adoption Risks

Definition of Key Concepts

Identity Management vs. Entitlement Management

  • Identity and Access Management Process
  • Entitlement Management

Identity and Access Management Components

  • Identity Types
  • Onboarding
  • Offboarding

Access Rights and Entitlements

  • Identity Access or Entitlement Changes
  • Granting Access Rights to Privileged Accounts
  • Segregation of duties

Provisioning Process

  • Access Request
  • Approval
  • Propagation and Identity Creation
  • Communication
  • Logging

Administration of Identities and Access Rights Process

  • Periodic Audit and Reconciliation of Identities and Entitlements
  • Policy Statement Administration
  • IAM Strategy
  • IAM System Administration
  • End-user Password Administration
  • Storage and Handling Considerations
  • Reporting

Enforcement Process

  • Authentication and Authorization
  • Logging

Use of Technology in IAM

  • What Types of Technology Exist?
  • Pros and Cons of Technology Use
  • How Is the Technology Used?
  • Additional Concepts

The Role of Internal Auditors

Current IAM Processes

  • Business Architecture
  • Policies
  • Laws, Regulations, and Mandates
  • Budget
  • Timeline
  • Business Requirements

Auditing IAM

  • Evaluation of IAM
  • Evaluating Entitlement Management
  • Approach to examine IAM process within the organization

Audit Activity

  • Simulation of auditing IAM through auditing exercises and examples

Who Should Attend

This is a course offered is ideal for all auditors


See route

Contact us

For additional event or venue information, please email training@iia-p.orgYou can also reach us at +63 79409551

Sponsors and Partners