Controlling and managing identity access risk
First Claim
1. A method of controlling identity and access management risk in an information technology (IT) environment, comprising:
- generating, by at least one computing device, a maturity model that maps a plurality of access management controls to a plurality of IT resources associated with the IT environment;
determining, by the at least one computing device, for each IT resource of the plurality of IT resources, a plurality of access management maturity scores, each access management maturity score of the plurality of access management scores corresponding to an access management control of the plurality of access management controls that are associated with the corresponding IT resource;
determining, by the at least one computing device, an aggregate maturity score for the IT environment based on the plurality of access management maturity scores for the plurality of IT resources; and
providing, by the at least one computing device, the maturity model and the aggregate maturity score for the IT environment to at least one governance system.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for controlling and managing identity and access management risks are presented. A computing device may generate a maturity model that maps a plurality of access management controls to a plurality of information technology (IT) resources associated with an IT environment. Subsequently, the computing device may determine, for each IT resource of the plurality of IT resources, a plurality of access management maturity scores. Each access management maturity score of the plurality of access management scores may correspond to an access management control of the plurality of access management controls that are associated with the corresponding IT resource. The computing device then may determine an aggregate maturity score for the IT environment based on the plurality of access management maturity scores for the plurality of IT resources. Thereafter, the computing device may provide the maturity model and the aggregate maturity score to at least one governance system.
64 Citations
20 Claims
-
1. A method of controlling identity and access management risk in an information technology (IT) environment, comprising:
-
generating, by at least one computing device, a maturity model that maps a plurality of access management controls to a plurality of IT resources associated with the IT environment; determining, by the at least one computing device, for each IT resource of the plurality of IT resources, a plurality of access management maturity scores, each access management maturity score of the plurality of access management scores corresponding to an access management control of the plurality of access management controls that are associated with the corresponding IT resource; determining, by the at least one computing device, an aggregate maturity score for the IT environment based on the plurality of access management maturity scores for the plurality of IT resources; and providing, by the at least one computing device, the maturity model and the aggregate maturity score for the IT environment to at least one governance system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for controlling identity and access management risk in an information technology (IT) environment, comprising
at least one processor; - and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the system to; generate a maturity model that maps a plurality of access management controls to a plurality of IT resources associated with the IT environment; determine, for each IT resource of the plurality of IT resources, a plurality of access management maturity scores, each access management maturity score of the plurality of access management scores corresponding to an access management control of the plurality of access management controls that are associated with the corresponding IT resource; determine an aggregate maturity score for the IT environment based on the plurality of access management maturity scores for the plurality of IT resources; and provide the maturity model and the aggregate maturity score for the IT environment to at least one governance system.
- and
-
20. One or more non-transitory computer-readable media storing instructions that, when executed by at least one computing device, cause the at least one computing device to:
-
generate a maturity model that maps a plurality of access management controls to a plurality of IT resources associated with the IT environment; determine, for each IT resource of the plurality of IT resources, a plurality of access management maturity scores, each access management maturity score of the plurality of access management scores corresponding to an access management control of the plurality of access management controls that are associated with the corresponding IT resource; determine an aggregate maturity score for the IT environment based on the plurality of access management maturity scores for the plurality of IT resources; and provide the maturity model and the aggregate maturity score for the IT environment to at least one governance system.
-
Specification