2. Investigation and Market Research

Introduction

The investigation and market research has been divided into two sections. The first section (2.1 - 2.4) elaborates further on the origins and overview of the project idea. It then takes an in-depth look at the typical issues IT security departments and auditors are trying to mitigate and sets goals for the basis of the software development.

The second section (2.5 - 2.8) uses the goals and understanding of the problem derived in the first section to focus the market research and investigation within the relevant areas of the Identity Access Management (IAM) tools, IT security processes, and compliance and audit domain.

The overall purpose for the investigation and market research is two-fold:

• To gain knowledge of the IAM tools on the market and understand how effective they are for organisations undertaking compliance and regulation based audit activities.
• Based on the research determine if there is a gap in the market for a lightweight, simple to implement, dedicated tool that could provide closure to audit points; as an inexpensive alternative to a fully-fledged IAM tool.

To verify the idea the investigation will be supported with a range of sources, including interviews with IT Security and Audit professionals to ensure the software development stays in keeping with its original goals.

The information from this investigation and market research will be analysed and used to produce system requirements for a working prototype of the User Guardian idea.