White Papers for Federal Financial Institutions Examination Council (FFIEC)

Meeting the Challenges of Roles-based Access Governance

Aveska

One of the biggest challenges in managing financial service organizations is the complexity of controlling user access to information resources. Some of these organizations have attempted to implement roles-based systems to address these challenges, but real-world experience have shown that unless roles fit into a context that ties together existing entitlements, company policies, regulatory requirements, and current business process realities, they simply don't work.

Without this context, the result is a system that can't meet the demands of federal regulations such as the Sarbanes-Oxley Act (SOX) and Gramm-Leach-Bliley (GLB) Act in the U.S. or satisfy global measures such as Basel II/Solvency II capital-adequacy requirements and privacy regulations such as PCI, PIPEDA, CA SB 1386 and EU Data Directive.

This paper describes a new roles-based model of access governance that overcomes the challenges ompanies have faced in the past and enables financial organizations to:
*Deploy a policy based approach to roles management that meets compliance requirements
*Gain full visibility into role relevancy and effectiveness
*Achieve a sustainable, comprehensive role lifecycle management

View the White Paper

Share or bookmarklet this web page at: