Abstract

Executives overseeing Identity and Access Management (IAM) solutions of enterprise information systems have to manage problematic issues at business, technology and governance levels and their related trade-offs. They are required to make informed investment decisions about technology in a complex, ever changing world. The IAM assurance dashboard model proposed by this research provides a comprehensive view of identity and access management components at an executive level. By revealing the current status of the IAM environment within an enterprise, strategic identity and access decisions are possible based on compliance with IAM requirements. The IAM assurance dashboard model gives the current state of an enterprise’s IAM status, based on evaluation criteria such as hot spots, maturity, technology gaps and compliance. The SABSA model supports the design of the IAM assurance dashboard which is business requirements driven, to address the needs of executives.

Highlights

  • Security begins with identity management, which is vital to ensure the integrity of identities used to access potentially sensitive resources [1]

  • The implementation of Identity and Access Management (IAM) solutions can lead to challenges due to a lack of business focus, where executives overlook the significant impact of IAM on business decisions and compliance [4]

  • Information security regulations dictate that enterprises define and implement administrative, operational, and technical controls that demonstrate ‘‘reasonable assurance’’ that IAM risks are managed to an acceptable level [8]

Read more

Summary

Introduction

Security begins with identity management, which is vital to ensure the integrity of identities used to access potentially sensitive resources [1]. As business units do not have an enterprise-wide view of their environment, they may implement silo identity stores and access policies, making a unified strategy for IAM (Identity and Access Management) [2] [3] difficult. Such challenges lead to increasing administrative costs and ineffective controls. To be able to effectively manage IAM problems, a need exists to define a view of IAM for executives to highlight critical issues that have not been sufficiently addressed [6] [7] These IAM challenges are primarily focused on business requirements, and less on technology. Various technologies and processes support the core elements of an IAM, as identified by security requirements and strategy

IAM assurance dashboard model design
IAM assurance dashboard implementation
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call