Management Briefing: Identity Governance & Administration
Write a 3 to 5 paragraph briefing paper that identifies and explains the three most important reasons why Sifers-Grayson should invest in an Identity Governance & Administration solution instead of continuing to use the existing paper-based process for requesting and issuing computer accounts.
Your audience is a mixed group of managers from across Sifers-Grayson’s operating areas (company HQ’s, Engineering, Finance & Accounting, Program Management, Sales & Marketing). Some of these managers are familiar with the importance of separation of duties and least privilege but most are not. One or two of the managers might know the definition for RBAC. Your briefing paper needs to address these information needs as well as discussing why information should be labeled as to its sensitivity (“classification”) and ownership.
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your article.
PLEASE USE REFERENCES BELOW
The InfoSec Handbook https://link.springer.com/content/pdf/10.1007/978-1-4302-6383-8.pdf
Read pp 29-35
Read Chapter 4
Read Biometrics pp 297-303
Role based access control https://csrc.nist.gov/projects/role-based-access-control
Common Sense Guide to Mitigating Insider Threats (Introduction, Practice 7, Practice 8 & Practice 10 https://resources.sei.cmu.edu/asset_files/TechnicalReport/2012_005_001_34033.pdf
Identity Governance and Administration
Identity and Access Management (NIST NCCOE) https://www.nccoe.nist.gov/sites/default/files/library/fact-sheets/es-idam-fact-sheet.pdf
Definition: Governance https://www.isaca.org/Pages/Glossary.aspx?tid=1443&char=G
Identity Governance and Administration (Article) https://www.csoonline.com/article/3113451/identity-governance-and-admin-beyond-basic-access-management.html
Privileged Account Management (NIST NCCOE) https://www.nccoe.nist.gov/sites/default/files/library/fact-sheets/fs-pam-fact-sheet.pdf
Enterprise Entitlements Management: Moving beyond authenticationhttps://www.zdnet.com/article/enterprise-entitlements-management-moving-beyond-authentication/
Four Best Practices for Passing Privileged Account Audits (Beyond Trust) https://www.beyondtrust.com/assets/documents/bt/wp-four-best-practices-for-passing-privileged-account-audits.pdf