Considerations in Selecting an Identity & Access Governance Solution in Financial Institutions
Facebook X LinkedIn

Considerations in Selecting an Identity & Access Governance Solution in Financial Institutions

Roundtable
Thursday, May 16, 2013 14:00—16:00
Location: WALCHENSEE

Considerations in Selecting an Identity & Access Governance Solution in Financial Institutions

Rosa’s presentation will outline the key considerations in selecting an enterprise IAM/IAG solution with focus an financial institutions. Areas to be covered include

and much more.

Rosa Caputo
Rosa Caputo
Keydata
Rosa is Principal and Founder of KeyData, a consultancy specializing in Identity and Access Management, IT Security Management, Operational Risk Management and Compliance Management. A recognized...

Mastering the Challenge: Making Access Governance a Part of IT GRC and IT GRC a part of Enterprise GRC

Many organizations are facing sort of a “GRC sprawl”. There are many disparate initiatives for GRC (Governance, Risk Management, Compliance) at various levels of the organization and in different divisions. On the other hand, it is all about enforcing governance, meeting regulatory compliance requirements, and managing and mitigating risks. Access Governance, for instance, is about Access Risk. The only reason to do Access Governance is that Access Risks might result in operational risks, reputational risks, and even strategic risks. Failure in managing access risks even might drive an organization out of business.

Thus, moving forward towards a more integrated view on GRC and cooperation and integration between the various levels and elements of GRC – such as Operational Risk Management, Business GRC, Continuous Controls Monitoring, IT GRC, Security Event Monitoring, or Access Governance – is a mandatory step. This is not about having only one team and solution in place, but it is about defining the interfaces between the various elements of GRC, both from an organizational and technical perspective. One approach on GRC, one approach on managing risk, etc.: Alignment is key to success in real Enterprise GRC.

The panelists will talk about their view on the need for such integration, the approaches to make progress on this, and their overall experience in mastering the challenge of moving forward from GRC sprawl to an enterprise-wide GRC concept.

Prof. Dr. Heinz-Dieter Schmelling
Prof. Dr. Heinz-Dieter Schmelling
Portigon AG
Heinz-Dieter Schmelling is Chief Security Officer at Portigon AG (legal successor of WestLB), a finanical service provider in particular with regard to the management of banking portfolios. His...
Dirk Venzke
Dirk Venzke
Commerzbank AG
Academic Studies of economics at Helmut Schmidt University of the Federal Armed Forces in Hamburg (Dipl.-Volkswirt) and of business management at distance university Hagen (Dipl.-Kaufmann). Officer...

Fighting Hydra – Strategies for Audit and Control of large Numbers of Applications

When setting up an access management and governance solution, large organizations often have to deal with hundreds of applications with different access control models. This creates various challenges on organizational and technical level, like for example: How should audit policies, attestation campaigns and request processes be set up across applications? How can reports and dashboards be tailored effectively? What is the most efficent approach with regards to connector technology?

This session will provide recommendations for setting up a comprehensive IAG/IAM solution for "many applications" scenarios.

Dr. Martin Kuhlmann
Dr. Martin Kuhlmann
Omada
Dr. Kuhlmann plays a key role in the continued development Omada’s solutions, including the award-winning Omada Identity Manager solution that is built entirely on the Microsoft platform and...
Darran Rolls
Darran Rolls
SailPoint
Mr. Darran Rolls is the Chief Technology Officer and Chief Information Security Officer and at SailPoint, where he is responsible for directing the company’s technology strategy and security...
Andrea Rossi
Andrea Rossi
IBM
Andrea Rossi is leading global Identity Governance sales at IBM. Prior to this, Andrea Rossi has served as VP Sales & Partners at CrossIdeas, acquired by IBM on July 31st 2014., where he was...
Deepak Taneja
Deepak Taneja
Aveksa
Deepak Taneja is the Founder and CTO of Aveksa, a security compliance software company. Prior to founding Aveksa, he was CTO and VP of Engineering at Netegrity. In this role, he was instrumental in...
Subscribe for updates
Please provide your email address