Date of Award

3-2017

Culminating Project Type

Thesis

Degree Name

Information Assurance: M.S.

Department

Information Assurance and Information Systems

College

Herberger School of Business

First Advisor

Dennis Guster

Second Advisor

Jim Q. Chen

Third Advisor

Balasubramanian Kasi

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Keywords and Subject Headings

User Access Review

Abstract

User Access Review is a process of re-evaluating the appropriateness of user access to systems or applications. It is a critical step of the user account management life cycle. Companies implement User Access Review processes to ensure that employees are given least privileges to access critical corporate IT systems, and segregation of duties (SoD) are enabled through effective access control to prevent fraud and error. User access review becomes mandatory for corporations that are in scope under federal regulations, industry standards, or compliances. With growing number of employees (users) and IT systems, the process of conducting user access review becomes increasingly complicated and time-consuming. Corporations often find it changeling to meet audit requirements with existing error prone manual review process and are searching for a better solution for delivering quality access review in a timely manner. A database based user access review tool (UAR Supporting Tool) is proposed in this thesis to improve the efficiency and accuracy of the manual review process.

Share

COinS