Entitlement Auditing

Good governance requires regular Entitlement Auditing.

The centralized entitlement management system provides a uniform view of the entitlement information of an organization or organizations. This enables the regular auditing of the entitlements of all users in the organization, as required by good management practices. The target of the audits is to ensure that the entitlements of users correspond to their business roles.

Entitlement Auditing Process

External factors like laws and other regulations as well as internal factors like quality systems dictate the requirements for entitlement inspection either regularly or on demand. This inspection can be embedded with the auditing process.

The auditing process starts by the definition of ready-made report types. Reports corresponding to these predefined types are generated regularly or on demand and sent for audit according to the entitlement policy of the organization. A standardized process accelerates inspection and improves the quality of findings.

Entitlement Audit Owners

As an example, superiors can have the responsibility to audit the current entitlements of their subordinates regularly. Correspondingly, the owner of a service needs to audit the internal and external users that have access to the service and their entitlements. The auditing process can be tracked, and authorized users can review the audit progress. The results of each audit are archived to the system for later reference in the instance of e.g. an internal inspection.

Correction of Deficiencies Found in Entitlement Audit

If deficiencies are found during the audit, the responsible person can initiate corrective measures. As a result of the corrections the entitlements of the related users are brought back in line with their business responsibilities. A re-audit can then be scheduled if needed.


Download the Kuppinger Cole Vendor Report about RM5 Software (a €95.00 value) for free!

Free download