Governance Model - Slide Show
-
Upload
deborah-obasogie -
Category
Documents
-
view
150 -
download
0
Transcript of Governance Model - Slide Show
WEDNESDAY, NOVEMBER 20 , 2013
Access Rights Review
05/03/2023
Governance Model1
PurposeThe NeedShared OwnershipKey ElementsAudit TeamDepartment ReviewsNew Access Management PolicyAccess Rights Review ProcessSchedule (up to Pilot, after Pilot)Schedule A – Periodic Reviews
11/20/2013
Create a reliable and consistent corporate model to identify and evaluate user access rights that is….
Purpose
11/20/2013
In compliance with the security and risk management process.
2
The Need
11/20/2013
1 • Response to internal and external Audits
2• Culture of compliance – “it’s the right thing
to do”
3 • Enforce the Principle of “least privilege”
4• Identify access and permissions to MeM
systems
5• Detect inappropriate access to MeM
systems
6• Correct inaccuracy access thus reducing risk
for the organization
3
Shared Ownership
11/20/2013
EXECUTIVE TEAM
INITIATIVE
FINANCE
PROCESS
IS OPERATIONS
DATA
BUSINESS UNITS
Authority
Ownership
Responsibility
4
Key Elements
11/20/2013
Access Rights ReviewAudit TeamCoordinat
e/Conduct Process
Review & Approve Schedule
Approve Reports
Approve Process
Coordinate Kickoff
Review Findings
IntegrationIntegrate
Corporate Policies
(3)
ScheduleIdentify Systems
to ReviewDetermi
ne Periodic ReviewsDetermi
ne Start/End Dates
Determine Data
Owner
Get Schedule Approval
ReportsIdentify ReportsDetermi
ne Report DataDetermine
Report FormatDetermi
ne Delivery MethodGet Report
Approval
PilotDetermi
ne ProcessSelect System to Pilot
Perform ProcessReview/
Fine-Tune
ProcessGet
Process Approval
5
Audit Team
11/20/2013
Audit Team
Finance (Controller or External
Auditor)
Compliance
(Compliance Manager)
6
Audit Team
Data OwnersI
T
11/20/2013
Department Reviews7
11/20/2013
New Access Management Policy8
11/20/2013
9
7.1 Department Reviews Process
11/20/2013
10
7.2 Audits Process
11/20/2013
11
Schedule (Up to Pilot)
11/20/2013
12
Schedule (after Pilot)
11/20/2013
13
Periodic Reviews
11/20/2013
14
Questions
Q & A