Risk is always present when people have access to information. The risk may be as simple as the consequences of human error, or as serious as fraud. The first line of protection against access risk is the principle of least privilege: giving users only the access they require for their jobs - no more, no less.

Access risk is present whenever users' access rights conflict with access policies. Sometimes a conflict may be unavoidable, or the risk may be acceptable if properly managed. In such cases, risk remediation measures, such as logging, transaction monitoring or attestation can reduce the risk to acceptable levels.

Least Privilege

IDEAS Entitlement Management, Role Management and Access Certification reinforce the principle of least privilege. Managers can define the access required for each job function and can identify users with inappropriate access. IDEAS Compliant User Provisioning automatically enforces correct access rights.

Remediation Policy

IDEAS defines explicit remediation policies, which specify the remediation measures required in specific circumstances. For example, compliance managers, may specify that a certain SoD conflict is allowable if a user's activities are logged and reviewed.

Automate and Track Risk Remediation

When access policy conflicts arise, IDEAS automatically suggests appropriate remediations. Managers must select and assign a remediation to authorize the access. At any time, risk managers have an overview of the state of risk remediation processes.

Benefits:

• Identify users with more access rights than required
• Quantify the risks of sensitive business processes and access policy conflicts
• Automatically trigger risk remediation measures
• Track and report risk remediation processes

Related Products:

• IDEAS RPD
• IDEAS Compliance Check For SAP