Secure identity management (IDM) is complex to achieve uniformly across an enterprise, but is fundamental to both compliance with standards like SOX and PIPEDA, and to minimizing the risks of internal and external attacks.
Identity management combines processes, technologies, and policies to manage digital identities and specify how they are used to access resources. This process becomes complex when a company has multiple departments, locations in different countries and regions, business divisions, and various software choices.
Inordinate amounts of time are often required to align / correlate / and identify non compliance with standards for user rights and privileges across:
- directory services.
The ERE identity management audit examines and makes remedial recommendations on:
- Management of user rights and privileges.
- Consistency of changes to user privileges across the enterprise such as:
- Human resource files.
- Active Directory.
- Geographically separated sites.
- Verification of application and database identity management.
- Internal testing procedures for controls.