Compliance Architecture

Build a common architecture to address multiple regulatory requirements:

  • Externalize administration of users and entitlements from applications.
  • Administration process should be user-focused, not application-focused.

Authentication

Authorization

Audit

Infrastructure

Password management.

Automatic access termination;
Sod policy enforcement.

Login ID reconciliation;
Periodic review of user rights.

Firewalls, virus scanners, etc.