client email

search

Identity Access Management		Products		Customers & Partners		Services		Methodology		Knowledge Zone

Preventive SOD engine ACE (Advance components extension) Identity Management - FAQ IDM – Examples Experts Talk Weekly Tip Newsletter Whitepapers Webcast Demos Return on investment (ROI) calculator IDM Forum
		Preventive SOD engine
		ACETM PREVENTIVE COMLIANCE ENGINE ACETM preventive compliance engine adopts a proactive, preventive approach to SoD violation management. ACETM engine will prevent SoD violations from happening by identifying potential SoD violations before they are created and prevent them from happening at the first place. This is not only a more secure nad automated process it is also saves a significant amount of time and money to organization having to handle Sod's violations. ACETM preventative compliance engine is a patent pending technology, successfully implemented at a Fortune 100 company. WHAT ARE SoD VIOLATIONS? WHY IS IT IMPORTANT TO MANAGE THEM? Separation of duties (SoD) is one of the key concepts of internal control and is the most difficult and sometimes the most costly one to achieve. SoD violations management is supposed to guarantee that individuals should not have controls over two or more phases of a transaction, making a deliberate fraud or a human mistake to be more difficult to occur. The term SoD is already well-known in financial accounting systems. Companies of all sizes understand not to combine roles such as receiving checks and approving write-offs, approving time cards and have custody of pay checks, etc. SoD is a fairly new concept to the IT departments. SoD violations become a significant challenge to information technologies once SOX internal control requires managing them. In information systems, SoD violation management reduces the potential damage from the actions of one person. THE PROBLEM: TRADITIONAL METHODS FOR SoD MANAGEMENT ARE CONSTLY AND NOT SECURE SoD violations are normally controlled via a process called "Audit & Remediate". The process works as follow: Periodically collect users access entitlements from the different IT systems Compare users entitlements to known SoD violations Identify the SoD violations per user Manually remediate the violations per user The traditional process introduces the following problems: This process starts "after the fact" namely it finds SoD violations that already exists and it may well be that damage was already caused It involve significant amount of auditing which consume considerable amount of time It involves a manual resolution process which is costly and is prone to errors ACETM Preventive compliance engine solves these problems

About Us   Products   Identity Access Management   Customers & Partners   Our Services   Methodology   Knowledge Zone   Registration Contact Us   Term of Use   Privacy   News   Site Map

Copyright © 2005 IDFocus