Information technology governance and controls methods and apparatuses
First Claim
Patent Images
1. An article of manufacture comprising:
- a non-transitory computer-readable storage medium; and
a plurality of instructions stored in the storage medium;
wherein the plurality of instructions are adapted to provide one or more control modules segregated from persons or technologies associated with an enterprise'"'"'s information technology (IT) infrastructure making authorized changes to the enterprise'"'"'s IT infrastructure, to perform a plurality of audit operations, independent of the persons or technologies making authorized changes, comprising;
independently detecting changes to one or more data processing devices in the IT infrastructure, regardless of source, intent or authorization of the changes;
reconciling the detected changes with intended and authorized changes;
correlating the detected changes to events contained in one or more event logs associated with the one or more data processing devices; and
independently reporting change activities, including the detected changes supplemented with the correlated events, across production systems of the enterprise'"'"'s IT infrastructure, including reporting detected intended and authorized changes to persons or technologies making authorized changes.
6 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide methods and systems for automated change audit of an enterprise'"'"'s IT infrastructure, including independent detection of changes, reconciliation of detected changes and independent reporting, to effectuate a triad of controls on managing changes within the IT infrastructure, preventive controls, detective controls and corrective controls.
-
Citations
12 Claims
-
1. An article of manufacture comprising:
-
a non-transitory computer-readable storage medium; and a plurality of instructions stored in the storage medium; wherein the plurality of instructions are adapted to provide one or more control modules segregated from persons or technologies associated with an enterprise'"'"'s information technology (IT) infrastructure making authorized changes to the enterprise'"'"'s IT infrastructure, to perform a plurality of audit operations, independent of the persons or technologies making authorized changes, comprising; independently detecting changes to one or more data processing devices in the IT infrastructure, regardless of source, intent or authorization of the changes; reconciling the detected changes with intended and authorized changes; correlating the detected changes to events contained in one or more event logs associated with the one or more data processing devices; and independently reporting change activities, including the detected changes supplemented with the correlated events, across production systems of the enterprise'"'"'s IT infrastructure, including reporting detected intended and authorized changes to persons or technologies making authorized changes. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus comprising:
-
a processor; and a control module adapted to be operated by the processor to audit an enterprise'"'"'s information technology (IT) infrastructure, the control module being segregated from persons or technologies associated with the IT infrastructure making authorized changes to the IT infrastructure to enable the audit to be performed independent of the persons or technologies making authorized changes, the audit comprising; independent detection of changes to a first production system in the IT infrastructure, regardless of source, intent or authorization of the changes; reconciliation of the detected changes with intended and authorized changes;
correlation of the detected changes to events contained in one or more event logs;and in response to a request to demonstrate control of the IT infrastructure, independent reporting of change activities, including the detected changes supplemented with the correlated events, to all production systems of the enterprise'"'"'s IT infrastructure including reporting detected intended and authorized changes to persons or technologies making authorized changes. - View Dependent Claims (8)
-
-
9. A computer-implemented method of auditing an enterprise'"'"'s information technology (IT) infrastructure, comprising:
-
independently detecting, by a control module operated by a computing device, a change to a production system of the IT infrastructure, regardless of source, intent or authorization of the change and independent of persons or technologies making authorized changes to the IT infrastructure, the control module being segregated from the persons or technologies making authorized changes; reconciling, by the control module, the detected change with intended and authorized changes; correlating, by the control module, the detected change to an event contained in one or more event logs associated with the production system; and in response to a request to demonstrate control of the IT infrastructure, independently reporting, by the control module, detected changes, including the detected change supplemented with the correlated event, to all production systems of the enterprise'"'"'s IT infrastructure, including reporting detected intended and authorized changes to persons or technologies making authorized changes. - View Dependent Claims (10, 11, 12)
-
Specification