- Make it a part of Enterprise Architecture (EA)
- Establish Security Architecture Governance function
- Oversight and Review
- Subcommittee of EA team
- Consider tactical security architecture team
- Corporate and Business User staff
- Drives development and implementation of information security architecture (ISA) into the business and IT
- Focus on relationship building
- Integrate with development lifecycle
- AuthZ, AuthN protocols are adhered to
- Unify CAS, Security, Identity, roles, and priv access
Consider Gartner's IAM Maturity Curve - self assessment or externally lead.
No comments:
Post a Comment