This is a past event. Registration is closed. View other The Institute of internal Auditors Philippines, Inc. events.
Focus and Features
Provide insight into what Identity and Access Management (IAM) means to an organization and a process to determine internal audit areas for investigation.
Course Objective
At the end of the Course, the participants shall be able to:
- Have an understanding of the identity access management drivers, concepts and risks
- Knowledge on the definition of key concept used in analyzing, and monitoring organization's IAM processes
- Learn the role of internal auditors and develop an IAM audit approach to examine the identity and access management processes that exist within the organization.
- Attain the appropriate competencies required by the IPPF and mapped with The IIA GCF
What You Will Learn
Introduction
Business Drivers
- Improved Regulatory Compliance
- Reduced Information Security Risk
- Reduced IT Operating and Development Costs
- Improved Operating Efficiencies and Transparency
- Improved User Satisfaction
- Increased Effectiveness of Key Business Initiatives
Identity and Access Management Concepts
Adoption Risks
Definition of Key Concepts
Identity Management vs. Entitlement Management
- Identity and Access Management Process
- Entitlement Management
Identity and Access Management Components
- Identity Types
- Onboarding
- Offboarding
Access Rights and Entitlements
- Identity Access or Entitlement Changes
- Granting Access Rights to Privileged Accounts
- Segregation of duties
Provisioning Process
- Access Request
- Approval
- Propagation and Identity Creation
- Communication
- Logging
Administration of Identities and Access Rights Process
- Periodic Audit and Reconciliation of Identities and Entitlements
- Policy Statement Administration
- IAM Strategy
- IAM System Administration
- End-user Password Administration
- Storage and Handling Considerations
- Reporting
Enforcement Process
- Authentication and Authorization
- Logging
Use of Technology in IAM
- What Types of Technology Exist?
- Pros and Cons of Technology Use
- How Is the Technology Used?
- Additional Concepts
The Role of Internal Auditors
Current IAM Processes
- Business Architecture
- Policies
- Laws, Regulations, and Mandates
- Budget
- Timeline
- Business Requirements
Auditing IAM
- Evaluation of IAM
- Evaluating Entitlement Management
- Approach to examine IAM process within the organization
Audit Activity
- Simulation of auditing IAM through auditing exercises and examples
Who Should Attend
This is a course offered is ideal for all auditors who are not primarily IT auditors but need to understand identity and access management (IAM) concepts within their auditing or compliance roles.
Number of CPE units: 3
Privacy Notice: We collect your personal information to register you in our training/ membership events and photos/videos will be taken for evidentiary purposes in relation to IIAP Seminars. We will use this information to provide services regarding your attendance and if you agree, to send you marketing information.
By giving us your personal information you consent to our use of it for the purposes described in this Privacy Notice.
