Assessment of Master Thesis – Academic Consultant
Study programme:Applied Informatics
Field of study:Information Systems Management Academic year:2020/2021
Master Thesis Topic:The Role and Importance of Identity and Access Management in Firms Author’s name:Guhan Balaji Ezhilarasan
Ac. Consultant’s Name:doc. Ing. Vlasta Svatá, CSc.
Opponent:Ing. Mgr. Martin Zbořil
Criterion Mark
(1–4)
1. Clarity and comprehensibility of the thesis topic and aims 2
2. The extent and relevance of the description of the current state of knowledge 3
3. The complexity of the thesis topic 3
4. Method adequeteness for solving the given issue, correctness of the choice and use 2
5. The extent, quality and precision of the result description 3
6. Relevance and correctness of the result discussion 2
7. Factual contribution of the thesis result 3
8. Information source relevance and citation correctness 2
9. Logical structure and cohesion among individual parts 2
10. Grammar, linguistic style, terminology and overall arrangement 3
11. Student’s initiative and cooperation with the supervisor 2
12. The use of analytical and data processing methods 3
13. Meeting the principles of ethics and sustainability 2
14. Critical and creative thinking 3
Comments and Questions:
The problem of Identity and Access Management (IAM) is not new but currently we can notice growing attention to this core control of company´s information systems. This trend is accelerated by many different reasons. Examples of some of them are Corona virus pandemic and related home office work, growing importance of cloud computing and cyber security threat. This situation together with acquired experiences in practice and during the studies have let the student to work on this topic. The thesis is divided into three parts. In the first part student explains the research methodology and formulates the objectives and research questions of the thesis. In the second part the IAM theory is briefly introduced together with the latest trends. Main attention is paid to the Active Directory and its accounts. The third practical part deals with the description of the IAM processes improvements in the Sri Lankan medical institution Medobal.
Student focuses on four chosen processes within the IAM and by the help of risk analysis method
describes for each of the process the changes between current a improved state based on implementation of the Global Directory Data Base (GDDB) which is a tailor-made system for Identity and Access
management for the Medobal Firm. In the final part of case study student describes results of interview with the Medobal Company’s Risk Manager dealing with the threats incurred by the company in access management, identification of other relevant controls and measures outside the GDDB which the firm uses in order to minimize the IAM risks. Inspite the fact, that some parts of the research could be better
described, I think, that student Guhan Balaji Ezhilarasan demonstrated his ability to work on a selected topic both in terms of theoretical and practical. Questions: 1. Are you aware about other IAM processes in Medobal that could be subject of future changes? 2. Discuss the impact of Corona virus pandemic on IAM in Medobal (growing number of security incidents, changes in security policy,???? etc.)
Conclusion: The Master Thesis is recommended for the defence.
Suggested Grade: 3
Date: 03/01/2021 doc. Ing. Vlasta Svatá, CSc.
Academic Consultant
