Configure SLAs for Firefighter Audit Log Workflow Review

  • by Kehinde Eseyin, Security Architect
  • March 29, 2013
It is important for organizations to act on requests when they are due, especially when working with a compliance tool such as SAP Access Control 10.0. See how to configure emergency access management service level agreements for the review of firefighter audit logs.
Key Concept

A service level agreement (SLA) is an agreed upon delivery time based on policies and procedures that govern the business processes and operations of an enterprise. It allows you to set a defined timeline to perform an action. This capability is tightly integrated with access request management and emergency access management (EAM) in SAP Access Control 10.0. This technology helps to define an agreed upon understanding of priority categorization and service delivery.

A service level agreement (SLA) is used to influence the due date of an access request or workflow request based on defined conditions and rules. It allows the responsible request processor to attend to approval issues promptly based on deadlines set via due dates. This concept is integrated with emergency access management (EAM) to drive the period of approval based on the criticality of the firefighter ID.

A firefighting strategy is effective only if roles and responsibilities are performed when due. EAM is used to drive the temporary authorization of users to perform activities that are outside their normal job responsibility. In most cases, this is to ensure that business operations continue uninterrupted, especially in an emergency situation.

The onus of reviewing the activities performed by a firefighter lies with the firefighter controller. This review is designed to provide an additional layer of control in the use of a privileged account and to create awareness in the mind of the firefighter that his or her activities will be reviewed. The assignment of these privileged user accounts poses varying levels of risk to a business. Risks may be low or high depending on the operating environment. Therefore, the attention to be given to the use and review of firefighter access is also a key issue to consider in the design of your organization’s firefighter strategy.

More importantly, depending on the risk level access poses to a business, measures need to be taken to ensure that the actual action of reviewing the logs is performed. This can be challenging for a controller especially when there are numerous firefighter logs to review in a day. In such a scenario, the controller needs to prioritize the logs to review. This makes the SLA functionality for firefighter log reviews very relevant to EAM.

Kehinde Eseyin

Kehinde Eseyin is a security architect. He holds a bachelor’s degree in computer science. He has about 12 years of IT security, governance framework, IS risk, and compliance experience gained by working in numerous global organizations. Over the years, he has demonstrated competencies in security design, information assurance, cyber security, data privacy, threat and vulnerability management, penetration testing, business architecture, project management, IT audit, IS controls framework, and identity and access management.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.