August 12th, 2021

Managing Core User Access Risk - WST

There is no question the core system is a high-risk adventure for every financial institution. This is why user access reviews have been an important part of managing this risk. The process of performing a core user access review can be a daunting task, especially for a larger institution. Core systems typically do not make this task easy with limited reporting and complex permission schemes. This can all lead to less than stellar user access management.

Some things to consider:

  • Consider performing a complete core user access review at least annually. Quarterly or semi-annually can be effective if doing sampling of users - just be sure to capture the entire employee-base through the course of a year.
  • Have a documented process that aligns with your core’s permission scheme.
  • Make sure permissions granted in core match the duties/job functions outlined in written job descriptions.
  • If possible, customize reports to provide usable data.
  • If possible, automate components of review process to alleviate burden and mistakes.
  • Get a different set of eyes on the process to ensure thoroughness, this could include outsourcing the review.

If you need help with this arduous task, please reach out to 10-D Security and we’ll be happy to provide you a quote

Authored by: Philip VanMeerhaeghe, CISSP, August 12th, 2021

You May Want to Read More:

Don't Let Urgency Lead to Insecurity, Part 2 - WST

April 17th, 2020

April 17, 2020 Don't Let Urgency Lead...

Keep Yourself from being Roasted – WST

April 9th, 2020

April 9, 2020 Keep Yourself from being...

Complaint Management Programs - More Important Now Than Ever - WST

April 7th, 2020

April 2, 2020 Complaint Management Programs...

Keep your institution off the evening news.

Contact Us