1. W E D N E S D A Y , N O V E M B E R 2 0 , 2 0 1 3
Access Rights Review
2. 5/19/2016
Governance Model
1
Purpose
The Need
Shared Ownership
Key Elements
Audit Team
Department Reviews
New Access Management Policy
Access Rights Review Process
Schedule (up to Pilot, after Pilot)
Schedule A – Periodic Reviews
11/20/2013
3. Create a reliable and
consistent corporate model
to identify and evaluate user
access rights that is….
Purpose
11/20/2013
In compliance with the security and risk
management process.
2
4. The Need
11/20/2013
1
• Response to internal and external Audits
2
• Culture of compliance – “it’s the right thing to do”
3
• Enforce the Principle of “least privilege”
4
• Identify access and permissions to MeM systems
5
• Detect inappropriate access to MeM systems
6
• Correct inaccuracy access thus reducing risk for the
organization
3
5. Shared Ownership
11/20/2013
Re s p o n s i b i l i t yOwn ers h ipAu th ority
EXECUTIVE
TEAM
INITIATIVE FINANCE
PROCESS IS OPERATIONS
DATA BUSINESS UNITS
4