Hosted by: Kuppinger Cole

The event will start on: 08 December 2009, 10:00

And will end on: 09 December 2009, 20:00

Location: Virtual , View Online

http://www.kuppingercole.com/events

During this virtual conference, Axiomatics will be sitting in on the panels of the following webinars:

1. Getting the Big Picture: How Access Governance fits into IT Governance and Risk Management ( 08.12.2009 16:00 - 17:00 CET, 10am Eastern )

Access Governance is a key element in every strategy for information and system security as well as IT Governance. However, there are many different approaches from system-level access control management tools for ERP systems with some SoD support up to “Enterprise GRC” solutions which focus on the risk management and governance approaches from a high-level business perspective, sometimes without the interface to IT systems. And access-related controls are only part of that – 4 of 210 controls within COBIT, for example. For sure they are highly relevant, but they are only part of a bigger story. The link from business controls to IT controls and the role and relevance of the access-related IT controls covered by access governance with respect to complete IT Governance frameworks like COBIT is explained in this session. The different elements and approaches to governance are put into context and associated with the GRC roadmap of Kuppinger Cole.

2. XACML: The Holy Grail of Access Governance?( 09.12.2009 16:00 - 17:00 CET, 10am Eastern )

In this panel, the role XACML will and can play for access governance is discussed. Is XACML the solution? What is missing? How to manage policies and how to analyze these dynamic constructs? And how to avoid vendor lock-in? The strengths, shortcomings and needed improvements are discussed by different vendors and Kuppinger Cole analysts.

3. How to Efficiently Implement SoD Controls: Which Level Works? ( 09.12.2009 17:00-18:00 CET, 11am Eastern )

SoD controls (Segregation of Duties) are a cornerstone of access governance. But how to efficiently implement them? Should they be based on roles, on activities, on granular entitlements? There are many different approaches to solve the problem. In this panel, different vendors and Kuppinger Cole analysts will discuss different approaches for SoD controls, with focus on their manageability and the required granularity.