 |
|
|
|
| Step by Step to Compliance-conformity in IT
|
From Audits of Access Rights to File and Rights Structures in Conformity with Compliance Guidelines
The econet AG recommends a multistage approach of this kind. In an initial step, this Munich-based enterprise provides the capability, with the help
of a special tool, to automatically identify and select rights from historically grown file structures. Businesses thus get immediate answers to
particularly delicate questions such as which people have which rights to access a certain file storage within the enterprise?
To answer this question, employee identifiers are resolved into actual names. Another sensitive question is: Which rights to which file storages has
a particular employee accumulated over the years? To answer this question, the tool reads the rights allocations from the affected file storages,
consolidates the acquired data and delivers the results in the form of a readable report.
In a second step, the software makes it possible to automatically transfer the structures of the files and rights into a freely selectable target
structure. Comprehensible reports about the potential consequences of future target scenarios are generated based on analyses of the status quo and
of particulars such as how the architecture of a new file structure ought to be.
If necessary, warnings are issued: for example, if the software discovers invalid authorizations or unduly long pathways. After the report has been
checked and cleared by specialized departments and administrators, the transformation solution automatically restructures the file systems according
to predefined specifications, reorganizes the file structure (if necessary), and updates the authorizations. Here too, the new status is presented
in the form of reports.
The result is a standardized file system with standardized access rules. For many businesses, this is a first important step toward conformity
with compliance regulations. To further minimize the IT risk for business-relevant processes, it’s essential to maintain this transparency for users,
access rights and data – despite daily changes. Furthermore, it’s crucial to assure that these change processes themselves are governable, assessable
and always open to scrutiny.
> Next ...
> Download PDF
|
| |
| |
1 |
2 |
3 |
4 |
5 |
| |
|
|
|
|
