Oracle Identity Management: Governance, Risk, and Compliance Architecture, Third Edition, 3rd Edition (Paperback) book cover

Oracle Identity Management

Governance, Risk, and Compliance Architecture, Third Edition, 3rd Edition

By Marlin B. Pohlman

Auerbach Publications

552 pages | 111 B/W Illus.

Purchasing Options:$ = USD
Paperback: 9781420072471
pub: 2008-04-09
SAVE ~$19.59
$97.95
$78.36
x
Hardback: 9781138440449
pub: 2017-11-15
SAVE ~$41.00
$205.00
$164.00
x
eBook (VitalSource) : 9780429117688
pub: 2008-04-09
from $46.98


FREE Standard Shipping!

Description

In today’s competitive marketplace with its focus on profit, maintaining integrity can often be a challenge. Further complicating this challenge is the fact that those assigned to the task of assuring accountability within an organization often have little, if any, visibility into the inner workings of that organization.

Oracle Identity Management:Governance, Risk, and Compliance Architecture is the definitive guide for corporate stewards who are struggling with the challenge of meeting regulatory compliance pressures while embarking on the path of process and system remediation. The text is written by Marlin Pohlman, a director with Oracle who is recognized as one of the primary educators worldwide on identity management, regulatory compliance, and corporate governance.

In the book’s first chapters, Dr. Pohlman examines multinational regulations and delves into the nature of governance, risk, and compliance. He also cites common standards, illustrating a number of well-known compliance frameworks. He then focuses on specific software components that will enable secure business operations. To complete the picture, he discusses elements of the Oracle architecture, which permit reporting essential to the regulatory compliance process, and the vaulting solutions and data hubs, which collect, enforce, and store policy information.

Examining case studies from the five most regulated business verticals, financial services, retail, pharma-life sciences, higher education, and the US public sector, this work teaches corporation stewards how to:

  • Attain and maintain high levels of integrity
  • Eliminate redundancy and excessive expense in identity management
  • Map solutions directly to region and legislation
  • Hold providers accountable for contracted services

Identity management is the first line of defense in the corporate internal ecosystem. Reconcilingtheory and practicality, this volume makes sure that defense is workable, responsive, and effective.

Table of Contents

Fundamental Concepts

Enterprise Risk

What is Risk Management?

What is Risk Analysis?

Risk Analysis Standards

Common Vulnerabilities

Maintaining the Knowledge Pool, Plans, and the Management Process

Canadian Standard 1797 (CSA-Q850–97)

Summary

Compliance Frameworks

Compliance Framework Taxonomy

COBIT

ISO 27001

ITIL

BSI IT-Grundschutz Methodology

CMMI-SEI

SoGP

GAIT and GAISP

NIST 800 Series

COSO and Turnbull Guidance

SAS 70

Summary

Oracle Governance, Risk, and Compliance Management Architecture

Governance, Risk, and Compliance Control Domain Approach

Conclusion

IDENTITY MANAGEMENT SUITE

Oracle Identity and Access Management Suite

Overview

Oracle’s Extended Identity Management Ecosystem and Control Effectiveness

Regulatory Governance Mapping

Summary

Oracle Identity Federation

Overview

Typical Deployment Architecture

Deployment Scenarios

OIF Source Domain

OAM Configuration Parameters

Domains

Assertion Mappings

Summary

Oracle Identity Governance Framework

Oracle Enterprise Single Sign-On

Overview

Example of An Administrator Adding A New Application

Deployment Architecture

Installation and Administration

Regulatory Governance Mapping

Summary

Oracle Internet Directory and Related Services

Overview

Implementation Detail

Data Integrity Protection

Directory Replication Groups

Oracle Directory Integration Platform

Oracle Certificate Authority

Process Flow

Oracle Wallet

Summary

Oracle Virtual Directory

Overview

Benefits

Deployment Architecture

Installation and Configuration

A Simple OVD Deployment

Join Adapter

OVD BiDirectional Mappings and Plug-Ins

Regulatory Governance Mapping

Summary

Oracle Security Developer Tools

Overview

Installation and Configuration

Deploying and Running the Application

Regulatory Governance Mapping

Summary

Oracle Access Manager

Overview

Extensions and Integration Points

Deployment Architecture

Access Elements

Executables

Authentication and Authorization Plug-ins

Installation and Configuration

Regulatory Governance Mapping

Summary

Oracle Web Services Manager

Architecture

Administrative Components

Service-Oriented Architecture in OWSM

Installation and Configuration

OWSM Administration

Extensibility of OWSM

Security for Web Services

Example: Authentication and Authorization Integrated with COREid

Regulatory Governance Mapping

Summary

Oracle Identity Management

Overview

Logical Architecture

Administration

Administration of Users and User Entities

Customizing the OIM Administrative Console

Functionality

Integration

Installation and Configuration

Post Installation Tasks

Deployment Methodology

Regulatory Governance Mapping

Oracle Smart Roles

Summary

Identity Management Audit and Attestation

Enterprise Manager for Identity Management

Oracle Identity Tracker

Oracle Identity Authenticator

Oracle Adaptive Access Manager

Oracle SSN Vault

Oracle Identity Audit

Oracle Integrating IdM and GRC Application Framework

Oracle UMX User Management

Peoplesoft Applications User Management

Siebel Universal Customer Master

Siebel Branch Teller

iFlex

Oracle Governance, Risk, and Compliance Manager

Summary

Integrating IdM and GRC Technology Platform

Database Vault

Audit Vault

Enterprise User Security

Stellent Universal Content Manager

Records DB

Secure Enterprise Search

Oracle Data Integrator

Compliance Designs

Information Rights Management

Trusted Information Sharing

XML Publisher

Hyperion Compliance Management Dashboard

The Hyperion Basel II Compliance Solution

Hyperion XBRL Server

Summary

GOVERNANCE LANDSCAPE

Asia Pacific and Oceana

Oceana

Asia

Summary

Europe and Africa

European Union

Non-EU European Countries and Africa

Sumamry

Latin America

Argentina

Brazil

Chile

Columbia

Ecuador

Mexico

Paraguay

Peru

Uruguay

Venezuela

Summary

North America

North American Payment Card Industry—Visa, Mastercard, American Express, Discover, and JCL

United States

Canada

Summary

APPENDICES

A Regulatory to Technical Control Mapping

B FISMA Technical Control Mapping

C Oracle Governance Risk and Compliance Ecosystem

Subject Categories

BISAC Subject Codes/Headings:
BUS083000
BUSINESS & ECONOMICS / Information Management
COM032000
COMPUTERS / Information Technology
COM053000
COMPUTERS / Security / General