1. Technical Field
This invention relates generally to computer-implemented access validation. More specifically, this invention relates to computer-implemented access validation for a variety of industries, including compliance management.
2. Description of the Related Art
The business landscape has changed in recent years in that organizations continually attempt to achieve greater worker productivity. As a result people are often required to perform more than one specific job function or role in the organization. However, this need must be tempered by the need for the organization to comply with Sarbanes-Oxley Act of 2002.
The Sarbanes-Oxley Act (SOX) has imposed new requirements on public companies in areas of assessment and oversight of control systems that support external financial disclosures. One of the new requirements is that a company's external auditor, for the first time, must provide an annual opinion on the reliability of the control representation made by a company's CEO and CFO. This has caused companies to struggle to comply with SOX since its enactment.
In many cases, SOX has generated some confusion for corporate officers charged with overseeing compliance. It was initially thought SOX would primarily affect corporate finance departments, but organizations discovered that SOX also affected information technology (IT) functions. However, traditional audit/compliance approaches and tools used in most companies today are inadequate to meet the virtually “real time” assessment and monitoring expectations imposed by SOX, particularly compliance with §404.
In addition to assigning or granting privileges that are compliant with policy, at times it is also desired for an enterprise to provide a type of validation report about the validation of access to resources by entities.