Tool Mentor: TAM - Implement Compliance Controls
TM004 - How to Implement Compliance Controls Using IBM Tivoli Access Manager for Operating Systems
Tool: IBM Tivoli Access Manager
Relationships
Related Elements
Main Description

Context

Tool mentors explain how a tool can perform tasks, which are part of ITUP processes and activities. The tasks are listed as Related Elements in the Relationships section.

You can see the details of how processes and activities are supported by this tool mentor, by clicking the links next to the icons:

Details

IBM® Tivoli® Access Manager for Operating Systems provides a secure, efficient way to enforce and audit accesses on UNIX® system resources. Centralized policy administration, tracking of UNIX identity changes, and reporting capabilities of the enforced security policy provide organizations with the ability to easily verify and enforce compliance to security standards.

Through centralized security policy administration, organizations dramatically reduce costs of compliance checks by ensuring that the managed assets all follow the same security guidelines implemented through the defined security policy. In addition, the ability to divide security policies into logical entities called branches representing either machine groups or application groups provides a flexible, powerful, and simple method for managing security controls that apply to various corporate assets.

Role and responsibility definition, a critical part of compliance management, rely on the basic assumption that security policies are enforced on well-known identities that can be traced to an organization or person. Tivoli Access Manager for Operating Systems ensures that all changes of UNIX identities are tracked and traced back to the original authenticated user identity. By also expanding the traditional UNIX access controls, organizations can define finer-grained access restrictions to better meet compliance requirements.

Additionally, Tivoli Access Manager for Operation Systems provides policy reporting capabilities. Organizations can leverage those reports by performing compliance checks against them and ensuring that the applied security policies follow corporate compliance standards.

For More Information

For more information about this tool, click on the link for this tool at the top of this page.

©Copyright IBM Corp. 2005, 2008. All Rights Reserved.