Method and System for Managing and Monitoring Continuous Improvement in Detection of Compliance Violations
First Claim
1. A method performed by a computer for auditing a distributed computing environment in which a plurality of entities has identity accounts which allow access to protected resources in the environment, comprising:
- by a processing unit in the computer, collecting data associated with an identity account in a plurality of identity accounts, wherein the data comprises at least one of compliance data, prior compliance violation data, or personal data about an entity associated with the identity account;
determining a risk factor for the identity account based on the collected data;
calculating a risk score of the identity account based on the determined risk factor; and
auditing the identity account with a frequency according to the risk score assigned to the identity account.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer implemented method, data processing system, and computer program product is provided for using compliance violation risk data about an entity to enable an identity management system to dynamically adjust the frequency in which the identity management system performs a reconciliation and compliance check of an identity account associated with the entity. Data associated with an identity account is collected, wherein the data comprises at least one of compliance data, prior compliance violations, or personal data about an entity associated with the identity account. One or more risk factors for the identity account based on the collected data are determined. A risk score of the identity account is calculated based on the determined risk factors. The identity account is then audited with a frequency according to the risk score assigned to the identity account.
-
Citations
20 Claims
-
1. A method performed by a computer for auditing a distributed computing environment in which a plurality of entities has identity accounts which allow access to protected resources in the environment, comprising:
-
by a processing unit in the computer, collecting data associated with an identity account in a plurality of identity accounts, wherein the data comprises at least one of compliance data, prior compliance violation data, or personal data about an entity associated with the identity account; determining a risk factor for the identity account based on the collected data; calculating a risk score of the identity account based on the determined risk factor; and auditing the identity account with a frequency according to the risk score assigned to the identity account. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A data processing system for auditing a distributed computing environment in which a plurality of entities has identity accounts which allow access to protected resources in the environment, comprising:
-
a bus; a storage device connected to the bus, wherein the storage device contains computer usable code; and a processing unit connected to the bus, wherein the processing unit executes the computer usable code to collect data associated with an identity account in a plurality of identity accounts, wherein the data comprises at least one of compliance data, prior compliance violation data, or personal data about an entity associated with the identity account;
determine a risk factor for the identity account based on the collected data;
calculate a risk score of the identity account based on the determined risk factor; and
audit the identity account with a frequency according to the risk score assigned to the identity account.
-
-
13. A computer program product for auditing a distributed computing environment in which a plurality of entities has identity accounts which allow access to protected resources in the environment, comprising:
-
a computer readable storage medium having computer readable program code stored thereon, the computer readable program code for execution by a computer, comprising; computer readable program code for collecting data associated with an identity account in a plurality of identity accounts, wherein the data comprises at least one of compliance data, prior compliance violation data, or personal data about an entity associated with the identity account; computer readable program code for determining a risk factor for the identity account based on the collected data; computer readable program code for calculating a risk score of the identity account based on the determined risk factor; and computer readable program code for auditing the identity account with a frequency according to the risk score assigned to the identity account. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification