Certified Identity Management Professional (CIMP) Overview & Curriculum



Similar documents
Certified Identity and Access Manager (CIAM) Overview & Curriculum

Identity and Access. Management Services. HCL Information Security Practice. Terrorist Sabotage. Identity Theft. Credit Card Fraud

Provide access control with innovative solutions from IBM.

Protecting Business Information With A SharePoint Data Governance Model. TITUS White Paper

Implementing a Third-Party Management Solution: 5 Steps for Success

CISM (Certified Information Security Manager) Document version:

Certified Identity Protection Advisor (CIPA) Overview & Curriculum

FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

How To Defend Yourself Against Cyber Attacks

Question: 1 Which of the following should be the FIRST step in developing an information security plan?

Feature. Log Management: A Pragmatic Approach to PCI DSS

Realizing business flexibility through integrated SOA policy management.

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking

APPLICATION COMPLIANCE AUDIT & ENFORCEMENT

The Challenges of Administering Active Directory

10 Building Blocks for Securing File Data

IBM Unstructured Data Identification and Management

Establishing a Mature Identity and Access Management Program for a Financial Services Provider

Establishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology

Digital Archives Migration Methodology. A structured approach to the migration of digital records

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

DITA Adoption Process: Roles, Responsibilities, and Skills

Software Development Processes

Executive Summary. Client Onboarding. The Missing Piece of the Client Onboarding Puzzle: How to Move Seamlessly from Onboarding to Trading KYC

Project Management System Services

Preemptive security solutions for healthcare

Pace of Change Broadcast Media. Channel 1 Channel 2 Channel 3

OVERVIEW OF MICROSOFT AZURE

An Oracle White Paper January Access Certification: Addressing & Building on a Critical Security Control

Information Technology

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

Strengthen security with intelligent identity and access management

Vermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

Identity Management: Securing Information in the HIPAA Environment

Insurance Fraud Detection System

Microsoft Infrastructure Assessment

White Paper. An Overview of the Kalido Data Governance Director Operationalizing Data Governance Programs Through Data Policy Management

STATE OF NEVADA Department of Administration Division of Human Resource Management CLASS SPECIFICATION

From Managing Boxes to Managing Business Processes

2015 Global Identity and Access Management (IAM) Market Leadership Award

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Compliance and Ethics at the Federal Reserve Bank of New York

How To Improve Your Business

RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA

Design of Database Security Policy In Enterprise Systems

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

What IT Auditors Need to Know About Secure Shell. SSH Communications Security

MASTERCARD S CAREER PATH JOURNEY FOR GLOBAL IT/OPERATIONS AND BEYOND

Data Governance Implementation

Business Analyst - IT

EDUCAUSE Security Presentation. Chad Rabideau Senior Consultant Identity Management AegisUSA

Module 6 Documenting Processes and Controls

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

How IT Can Aid Sarbanes Oxley Compliance

Data Quality for BASEL II

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy IT Risk Strategy V0.1 April 21, 2014

White Paper: The Seven Elements of an Effective Compliance and Ethics Program

Privileged. Account Management. Accounts Discovery, Password Protection & Management. Overview. Privileged. Accounts Discovery

IBM Software IBM Business Process Management Suite. Increase business agility with the IBM Business Process Management Suite

Key Considerations for Information Technology Governance. 900 Monroe NW Grand Rapids, MI (616)

Making Compliance Work for You

Answers to Top BRMS Questions

END-TO-END BANKING SOLUTIONS

Office of the Auditor General Performance Audit Report. Statewide UNIX Security Controls Department of Technology, Management, and Budget

ISO COMPLIANCE WITH OBSERVEIT

ISA CERTIFIED AUTOMATION PROFESSIONAL (CAP ) CLASSIFICATION SYSTEM

Business-Driven, Compliant Identity Management

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Strong Corporate Governance & Internal Controls: Internal Auditing in Higher Education

Software Development for Medical Devices

Automated User Provisioning

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

WatchGuard SSL 2.0 New Features

Transmittal Letter Objectives and Scope Approach Financial System Permitting Application... 9

Fraud Prevention and Deterrence

Department of Financial Services Superintendent s Regulations

The University of Alabama at Birmingham. Information Technology. Strategic Plan

W H I T E P A P E R S A P E R P L i f e - C y c l e M a n a g e m e n t O v e r c o m i n g t h e D o w n s i d e o f U p g r a d i n g

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

5 Five Ways to Fast ROI With Business Rule Management Systems (BRMS)

BPM Perspectives Positioning and Fitment drivers

Transcription:

Overview There are many factors contributing to the growing need for identity management professionals and technologies. First, the number of devices and their users are growing. These devices are increasingly interconnected and must communicate with one another in order to authenticate the machines and users for requesting services and completing transactions. Managing access for dispersed and diverse users such as employees, customers, and business partners to systems whether hosted internally or externally is another challenge as users require quick access while businesses and regulators need to identify users, and authorize the appropriate access consistent with changing user roles and responsibilities. In fast paced organizations with a high user turnover rate, identity and access management is even more challenging and important to reduce fraud and secure data. Lastly, decentralized and unstructured nature of many directory services has led to an inefficient and sometimes unmanageable user access provisioning, auditing, and reporting, exposing organizations to significant security, reputation, and regulatory compliance risks. Centralizing distributed directories is critical for efficient management of user identities, and, compliance with related regulations. Identity Management Solutions In order to address various identity management risks and challenges some of which are described above, organizations are increasingly considering technology solutions to enable centralized and automated user access management. Page 1 of 5

Identity management is a collection of technology components and processes. One of the major components of an identity management architecture is a directory service or repository of the identity information such as user name, department, email, and access rights. The service interacts with other components to authenticate users and manage access to authorized functions and records. Distributed directory services are commonly used, however, the ultimate goal is to centralize and integrate identity management as much as possible to improve the identity management process and efficiency. Although the rewards of implementing an identity management solution are immense, such initiatives are often very challenging and require the expertise of identity management experts to create and manage teams, gather the requirements, design the system, develop project plans, and oversee the successful implementation and deployment of the system. CIMPs are experts in gathering identity management requirements and design processes while they rely on the highly technical skills of Certified Identity and Security Technologist (CIST) experts for highly technical tasks. Why pursue a CIMP certification? Identity management is growing career field which helps businesses streamline, automate, and track user access. By earning the Certified Identity Management Professional (CIMP) designation, members demonstrate their expertise in gathering identity management requirements, designing processes, and managing projects. Critical Risk Domains The following Critical Risk Domains (CRDs) are developed by IMI and define the specific areas used for CIMP training, testing and certification: 1. Identity Management Framework 2. Business Process and System Design 3. Access and Security Page 2 of 5

4. Audit and Compliance 5. Project Management 1) Identity Management Framework The identity management framework provides a structure intended to serve as a support or guide for the building of an identity management solution which is of utmost value to an organization for identifying individuals in a system and controlling their access to resources based on their roles and associated system access rights. CIMPs must be able to define and interpret an identity management framework which sets the ground rules for developing processes and systems to identify users, store user information, automate and streamline user access with the established access rights information, and track access in the most efficient manner. 2) Business Process and System Design Upon establishment of a framework, business requirements must be gathered to finalize business processes and design the system. CIMPs must be able to interview the appropriate parties to document the current process and propose improvements. They must be able to translate business requirements into technical requirements for the technical staff who are involved with coding, testing and implementation to make sure the system operates in accordance with the business requirements. This understanding must be monitored throughout the project to ensure consistency and alignment. 3) Access and Security As the system is designed, access and security controls must be incorporated to ensure the system access is in accordance with the directory services and access rights. In addition to user provisioning, entitlement management, and access reviews, the system security must be designed to meet the established standards including authentication, identity federation, exception alerts and notification, and single sign-on. 4) Audit and Compliance There are many regulatory requirements related to identity management which certain companies must comply with including user identification and activity tracking. CIMPs must establish continuous audit procedures to ensure than not Page 3 of 5

only regulatory requirements are being complied with but also systems and processes are operating as designed and follow the established standards. Automated monitoring is essential for detecting unauthorized access, violation of policies, and system malfunctions. 5) Project Management CIMPs must develop, adjust and follow a project pan to achieve their established objectives which may be expressed in terms of output, outcome, benefits, or strategy. As such, CIMPs must be able to apply sound project management principles to provide a greater likelihood of achieving the desired result, ensure efficient use of resources, and satisfy the needs of the project stakeholders. The core components of project management include project justification, requirements, timetable, cost, plan, communication, and monitoring which CIMPs must address as they plan and execute their project plans. Certification Process For CIMP eligibility, application process, costs and maintenance, please visit the CIMP page on the IMI website at http://www.identitymanagementinstitute.org Page 4 of 5

Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information