When companies lack the capability to either detect or prevent these kind of over-authorized users they introduce this type of risks. The challenge for these organizations is that it’s difficult to deal with large volumes and pick that single user out of many that has this conflicting set of access rights. Access Governance tooling that on a regular basis checks these potential Segregation of Duties and other violations would certainly help. Alternatively a structured Access Certification process would most likely have prevented this fraud and made the Manager aware of these conflicting access rights.
30 Mar 2011 12:15 Read comment
Chandrashekar GopalaraoProduct Manager at Infosys Technologies Ltd
Michael Galvin Product Manager at Linedata
Augustine SamuelProduct Manager at Visa
Dean WalsheProduct Manager at JPMorgan
Margaret ChidotheProduct Manager at Monzo
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.