Trends and future direction in SOD and User Access Management
In the last decade, there has been a shift toward cloud-based software and best-of-breed applications. Organizations are leveraging many applications at once which has created increasingly complex environments, thus requiring auditors to adjust their work accordingly. Business transactions can span two or three applications before finally landing in the general ledger. All of this drives the new for strong SoD and User Access Management.
In this session, we will review how organizations can manage their segregation of duties (SoD) across multiple systems and minimize their risk while maintaining a best-of-breed approach. We also will review why organizations need to better control insider threats by managing user access to their applications as well, and how auditors can best adjust their plans and programs accordingly.
- Learn the risks associated with working across multiple systems.
- Best practices to manage cross-application access risk.
- Benefits of utilizing a tool with pre-built integrations and out-of-the-box rulesets.
The Personal Data Supply Chain: What it Means to You and Your Company Now
First it was GDPR, now CCPA, bottom line, the focus on privacy and the rights around personal data are now just a part of business. While there has been a lot of talk around compliance with different privacy regulations, often lost in this discussion is how companies need to adapt going forward, and that compliance is not just a one-time exercise. In this session, we will explore how the controls around the privacy of personal data are more than just a technical challenge. We will show how without sound business process changes along with updated methodologies in place, companies will still fail to provide environments that others in your ‘personal data supply chain’ will want to transact and partner with going forward.
As auditors, our audit plans, schedules, scopes, and programs need to be adjusted in more than just technical areas. We will explore how this supply chain impacts audit planning across your organization. The risk is real, not just from an individual perspective, but also from a business partner perspective as well, as auditors, we must be reviewing how the risks are being addressed
- Regulations/ laws concerning Data privacy
- The GDPR and its impact
- How to monitor who you give data to and who they pass it on to.
About the Presenter: Frank Vukovits is currently the Director of Strategic Partnerships at Fastpath Solutions. He has over three decades of experience as an auditor and business software professional, and he has held many previous leadership roles in implementation and management of numerous ERP projects. Vukovits is one of the proud founders of the Microsoft Dynamics AX User Group (AXUG) and served as director of programming for AXUG for seven years, as AXUG grew from just an idea to the largest user group in the world dedicated exclusively to Dynamics AX. He was also in corporate IT audit for GTE/Verizon for twelve years and still holds Certified Internal Auditor (CIA) and a Certified Information System Auditor (CISA) designations. He also passed the CISSP exam back in 2001. He is a frequent speaker at IIA, ISACA, software, and user group conferences.