Sign up to save your podcasts
Or
Share Identity & Access Management
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Identity & Access Management
The Institute of Internal Auditors Presents: All Things Internal Audit Tech
In this episode, Bill Truett talks with Nick Lasenko about the critical role of identity and access management in today’s organizations. They discuss common risks, best practices, and the impact of AI on identity and access management. The conversation also covers frameworks, regulatory requirements, and real-world use cases.
Host:
Bill Truett, CIA, CISA, senior manager, Standards & Professional Guidance, IT, The IIA
Guest: Nick Lasenko, CISA, CISSP, cybersecurity, privacy, and risk management practitioner
Key Points
- Introduction [00:00-00:00:07]
- Overview of identity and access management [00:00:08-00:00:31]
- The financial impact of data breaches [00:00:32-00:01:26]
- Challenges in detecting and responding to security incidents [00:01:27-00:02:26]
- Common identity and access management risks for auditors [00:02:27-00:03:26]
- Weak governance and its implications [00:03:27-00:04:26]
- Siloed organizations and identity and access management complexities [00:04:27-00:05:26]
- Regulatory frameworks and standards [00:05:27-00:07:26]
- Identity and access management controls and data governance [00:07:27-00:09:26]
- Real-world use cases and security incidents [00:09:27-00:11:26]
- Horror stories and lessons learned in identity and access management [00:11:27-00:13:26]
- Best practices for managing user access reviews [00:13:27-00:16:26]
- Continuous authentication and its challenges [00:16:27-00:18:26]
- Privileged access management and audit considerations [00:18:27-00:21:26]
- The impact of AI and machine learning on identity and access management [00:21:27-00:23:26]
- Final thoughts on strengthening identity and access management controls [00:23:27-00:25:26]
- Closing remarks [00:25:27-00:31:43]
The IIA Related Content Interested in this topic? Visit the links below for more resources:
- Intermediate IT Auditing
- Auditing IT Change Management
- GTAG: Auditing Identity and Access Management, 2nd Edition
- Fraud and Emerging Tech: Identity and Authentication with the Paycheck Protection Program
- Implementing The IIA’s New Cybersecurity Topical Requirement
- Cybersecurity Topical Requirement
Visit The IIA's website or YouTube channel for related topics and more.
Resources Mentioned
- The IIA's 2025 Analytics, Automation and AI Virtual Conference
- The IIA’s Updated AI Auditing Framework
- NIST Cybersecurity Framework (CSF)
- NIST AI Risk Management Framework
- IBM Cost of a Data Breach Report 2024
- CISA and NSA Guidance on Identity and Access Management
Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer
View all episodes
By The Institute of Internal Auditors
4.4
1212 ratings
The Institute of Internal Auditors Presents: All Things Internal Audit Tech
In this episode, Bill Truett talks with Nick Lasenko about the critical role of identity and access management in today’s organizations. They discuss common risks, best practices, and the impact of AI on identity and access management. The conversation also covers frameworks, regulatory requirements, and real-world use cases.
Host:
Bill Truett, CIA, CISA, senior manager, Standards & Professional Guidance, IT, The IIA
Guest: Nick Lasenko, CISA, CISSP, cybersecurity, privacy, and risk management practitioner
Key Points
- Introduction [00:00-00:00:07]
- Overview of identity and access management [00:00:08-00:00:31]
- The financial impact of data breaches [00:00:32-00:01:26]
- Challenges in detecting and responding to security incidents [00:01:27-00:02:26]
- Common identity and access management risks for auditors [00:02:27-00:03:26]
- Weak governance and its implications [00:03:27-00:04:26]
- Siloed organizations and identity and access management complexities [00:04:27-00:05:26]
- Regulatory frameworks and standards [00:05:27-00:07:26]
- Identity and access management controls and data governance [00:07:27-00:09:26]
- Real-world use cases and security incidents [00:09:27-00:11:26]
- Horror stories and lessons learned in identity and access management [00:11:27-00:13:26]
- Best practices for managing user access reviews [00:13:27-00:16:26]
- Continuous authentication and its challenges [00:16:27-00:18:26]
- Privileged access management and audit considerations [00:18:27-00:21:26]
- The impact of AI and machine learning on identity and access management [00:21:27-00:23:26]
- Final thoughts on strengthening identity and access management controls [00:23:27-00:25:26]
- Closing remarks [00:25:27-00:31:43]
The IIA Related Content Interested in this topic? Visit the links below for more resources:
- Intermediate IT Auditing
- Auditing IT Change Management
- GTAG: Auditing Identity and Access Management, 2nd Edition
- Fraud and Emerging Tech: Identity and Authentication with the Paycheck Protection Program
- Implementing The IIA’s New Cybersecurity Topical Requirement
- Cybersecurity Topical Requirement
Visit The IIA's website or YouTube channel for related topics and more.
Resources Mentioned
- The IIA's 2025 Analytics, Automation and AI Virtual Conference
- The IIA’s Updated AI Auditing Framework
- NIST Cybersecurity Framework (CSF)
- NIST AI Risk Management Framework
- IBM Cost of a Data Breach Report 2024
- CISA and NSA Guidance on Identity and Access Management
Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer
More shows like All Things Internal Audit
View all
Economist Podcasts
4,287 Listeners
HBR IdeaCast
177 Listeners
The McKinsey Podcast
381 Listeners
PwC's accounting podcast
178 Listeners
Behind the Money
225 Listeners
The Long View
885 Listeners
The Audit Podcast
117 Listeners
The Memo by Howard Marks
417 Listeners
Audit Bites
13 Listeners
AUDIT 15 FUN
15 Listeners
This Day in AI Podcast
201 Listeners
HBR On Leadership
155 Listeners
Inside Audit
0 Listeners
The Headlines
496 Listeners
Internal Audit
0 Listeners