Six Ways to Reduce PCI DSS Audit Scope by Tokenizing Payment Card Data
[ Source: nuBridges ]
June 2009-
Enterprises are seeking ways to simplify and reduce the scope of the Payment Card Industry’s Data Security Standard (PCI DSS) compliance by shrinking the footprint where cardholder data is located throughout their organizations. By reducing the scope, these enterprises can dramatically lower the cost and anxiety of PCI DSS compliance and significantly increase the chance of audit success. Compliance with the PCI DSS is a combination of documented best practices and technology solutions ....
BPM Done Right: 15 Ways to Succeed Where Others Have Failed
[ Source: Software AG ]
March 2008-
The rates of adoption of business process management (BPM) technology are increasing dramatically, and with them, the stories of missed expectations and wasted investment also are on the rise. BPM’s promises are real, but the path to success is littered with pitfalls and shortcuts to failure. Best practices can help you avoid them. The good news is that BPM has now reached a stage of maturity that ensures that customers who are just embarking on ....
Five Steps for Building the Business Case for SOA Governance
[ Source: Software AG ]
November 2008-
IT architects understand that governance is essential to service-oriented architecture (SOA) success, but they need to get the business to understand this as well. With SOA, financial services firms gain a flexible architecture that slashes maintenance demands, improves quality and reusability, speeds the development of new systems, and reduces time to market. But in order to achieve these benefits SOA development must begin with SOA governance. Without governance SOA can turn into chaos. Too often, ....
Liquidity Risk Management - Good Practices for Broker Dealers
[ Source: Tata Consultancy Services Ltd ]
February 2009-
The paper deals with criticality of adherence to good liquidity management practices by broker dealers. Liquidity is essential to the viability of broker dealer firms. Any risk posed to the timely and cost-effective supply of liquidity can be disruptive in many ways. Therefore, it is crucial for broker dealers to devise and implement appropriate liquidity risk management practices and strive to create a risk sensitive culture across their organization.
Modern Policy Administration Systems Require Modern Implementation Methodologies
[ Source: Camilion Solutions, Inc ]
December 2008-
The insurance industry is rife with anecdotes of late or failed implementations and millions of dollars lost in the process. In the Celent report "The 18 Month Rule: Avoiding The Endless Project" (Nov. 2006), it was noted that “between 30% and 80% of all large projects fail, with most estimates coming in on the higher side of this range.” But it doesn’t have to be this way –- implementations of modern policy admin systems can ....
Automating the Virtual IT Lifecycle: Delivering Compliance, Command and Control with Process Automation
[ Source: Enigmatec ]
September 2008-
There is a shift occurring in the way many organizations view their IT operations. The new focus is on the customer's perspective of IT's contribution to the business, whether the customer is a development team, internal business unit, or external customer or partner. This shift is significant for IT organizations, as it forces them to think of themselves more as service providers than support teams. This discipline is termed IT Service Management (ITSM), and it's ....
Managing Risk for Effective Access Governance
[ Source: Aveksa ]
January 2008-
User access-related business risk comprises a broad array of potentially damaging events that may be caused or made possible by inadequate governance of access to an enterprise's information assets. Such events range from relatively minor policy and compliance violations to disastrous business losses. The stakes involved in access-related risk have risen dramatically in recent years as organizations have become thoroughly operationalized by technology.With nearly every facet of large enterprises' operations now dependent on or supported ....
Meeting the Challenges of Enterprise Roles-based Access Governance
[ Source: Aveksa ]
October 2007-
Real-world attempts to implement roles-based systems have shown that unless roles fit into a context that ties together existing entitlements, company policies, regulatory requirements, and current business process realities, they simply don’t work. Without this context, the result is a system that can’t keep pace with changing business-user requirements. This paper describes a new roles-based model of access governance that overcomes the challenges companies have faced in the past with roles-based access control systems. This ....
Beyond the Checkbox: A Sustainable Approach to Access Certification
[ Source: Aveksa ]
February 2007-
Every large enterprise has employees who need some level of access to its critical information resources, and many also provide a wide variety of types and levels of access to contractors, partners, vendors, and customers. Each of these points of access represents a source of potential business and compliance risk. The process, by which access entitlements and roles are authorized, reviewed, certified, and periodically recertified is critical to an organization’s ability to meet compliance standards ....
Ponemon Institute Survey - The 2008 National Survey on Access Governance
[ Source: Aveksa ]
February 2008-
According to the 2008 National Survey on Access Governance released on February 5th by the research firm Ponemon Institute, organizations are facing significant business risks because of inconsistent approaches to access management across the enterprise. This survey of almost 700 experienced IT practitioners show that vast majority believe that employees, temporary employees and independent contractors have too much access to information assets that are not pertinent to their job function, and that access policies ....