When companies lack the capability to either detect or prevent these kind of over-authorized users they introduce this type of risks. The challenge for these organizations is that it’s difficult to deal with large volumes and pick that single user out of many that has this conflicting set of access rights. Access Governance tooling that on a regular basis checks these potential Segregation of Duties and other violations would certainly help. Alternatively a structured Access Certification process would most likely have prevented this fraud and made the Manager aware of these conflicting access rights.
30 Mar 2011 12:15 Read comment
Gianfranco FurlanProduct Manager at Finantix
Rune SørensenProduct Manager at Nets A/S
Shaun ThomasProduct Manager at Namescan
Alicia HeavisidesProduct Manager at Experian UK&I
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.