Provide insight into what Identity and Access Management (IAM) means to an organization and a process to determine internal audit areas for investigation.
Course Objective
At the end of the Course, the participants shall be able to:
Have an understanding of the identity access management drivers, concepts and risks
Knowledge on the definition of key concept used in analyzing, and monitoring organization's IAM processes
Learn the role of internal auditors and develop an IAM audit approach to examine the identity and access management processes that exist within the organization.
Attain the appropriate competencies required by the IPPF and mapped with The IIA GCF
What You Will Learn
Introduction
Business Drivers
Improved Regulatory Compliance
Reduced Information Security Risk
Reduced IT Operating and Development Costs
Improved Operating Efficiencies and Transparency
Improved User Satisfaction
Increased Effectiveness of Key Business Initiatives
Identity and Access Management Concepts
Adoption Risks
Definition of Key Concepts
Identity Management vs. Entitlement Management
Identity and Access Management Process
Entitlement Management
Identity and Access Management Components
Identity Types
Onboarding
Offboarding
Access Rights and Entitlements
Identity Access or Entitlement Changes
Granting Access Rights to Privileged Accounts
Segregation of duties
Provisioning Process
Access Request
Approval
Propagation and Identity Creation
Communication
Logging
Administration of Identities and Access Rights Process
Periodic Audit and Reconciliation of Identities and Entitlements
Policy Statement Administration
IAM Strategy
IAM System Administration
End-user Password Administration
Storage and Handling Considerations
Reporting
Enforcement Process
Authentication and Authorization
Logging
Use of Technology in IAM
What Types of Technology Exist?
Pros and Cons of Technology Use
How Is the Technology Used?
Additional Concepts
The Role of Internal Auditors
Current IAM Processes
Business Architecture
Policies
Laws, Regulations, and Mandates
Budget
Timeline
Business Requirements
Auditing IAM
Evaluation of IAM
Evaluating Entitlement Management
Approach to examine IAM process within the organization
Audit Activity
Simulation of auditing IAM through auditing exercises and examples
Who Should Attend
This is a course offered is ideal for all auditors
CANCELLATION POLICIES
1. Cancellations received less than 3days prior to the event will be charged a cancellation fee, which is 50% of the registration fee. Cancellation in zoom registration does not mean you are cancelling your registration in our seminar, please send us an official email.
2. No-show registrants will be charged 50% of the registration fee.
3. Substitutions are allowed on two conditions:
• The event/training should be the same.
• The membership status should also be the same, if the other participant is a non-member, he/she must pay the difference.