ERE Information Security Auditors
Home | Site Map | Contact Us |  Resource Center
This text is replaced by the Flash movie.
list of IT security and compliance audit steps
ERE Differentiators from other vendors

Identity Management Audit

Secure identity management (IDM) is complex to achieve uniformly across an enterprise, but is fundamental to both compliance with standards like SOX and PIPEDA, and to minimizing the risks of internal and external attacks.

Identity management combines processes, technologies, and policies to manage digital identities and specify how they are used to access resources. This process becomes complex when a company has multiple departments, locations in different countries and regions, business divisions, and various software choices.

Inordinate amounts of time are often required to align / correlate / and identify non compliance with standards for user rights and privileges across:

  • databases.
  • directory services.
  • applications.

 

The ERE identity management audit examines and makes remedial recommendations on:

  • Management of user rights and privileges.
  • Consistency of changes to user privileges across the enterprise such as:
    •  Human resource files.
    •  Active Directory.
    •  Divisions.
    •  Geographically separated sites.
  • Verification of application and database identity management.
  • Internal testing procedures for controls.
 

Contact Us

905 764 3246

 
 
  Budgetary Price Quote
  10 minute scope definition call
  ROI Calculation for your next Audit 
  Sanitized Statement of Work
  Sanitized Audit Report
  Product Literature  
  White Papers and Published Articles
   
  Please see Ron Lepofsky’s book,
The Manager’s Guide to Web Application Security,
published by Apress Media

http://www.apress.com/9781484201497

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively.

 
Home | Technology Audits | Compliance Audits | Process Audits | Doc Audit/Authorship| | 7x24 Monitoring | Knowledge Transfer
ERE Differentiators | About Us | Site map | Contact Us | |   | Resource Center
Copyrights © 2007-2008. All rights reserved.  

   AddThis Social Bookmark Button