At the root of most regulatory mandates is the basic requirement to protect information,
ensuring its privacy and accuracy. In other words, regulations specify that organizations
create an environment of effective overall information security practices. There are many
different areas of security, but from a business perspective organizations simply want to
prevent misuse of information in order to protect their customers, shareholders, and
employees. Building trust and reducing risk can bolster confidence while also helping an
organization to meet its compliance obligations.

When most people think of security they think about firewalls and encryption, but one of
the most common areas of risk is in an area often taken for granted: the proper
management of user and password information. Identity Management is a solution that
streamlines, secures, and governs this fundamental business process. This paper
discusses the inner-workings of an Identity Management solution and how it relates to
these mandates: Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard
(PCI), and the Health Insurance Portability and Accountability Act (HIPAA).

PDF: IDM for Compliance