A system for integrating security and access for facilities and information systems is provided including a computer server, information systems, and facility protection systems. The information systems and facility protection systems are coupled for communication to the computer server via a network. Facility protection systems represent an access control system for controlling entry/exit to areas of buildings, such as with badges or other ID Credentials and other systems, such as intrusion detection and fire systems, to provide protection in facility environments. Information systems each represent a computer system requiring user authorization, via computers or terminals capable of connecting thereto, to access information resources or network environments protected by the computer system. Information systems may also include information protection systems requiring user authorization for external access to other information systems. The computer server has a central database which stores at least information defining users and their access privileges to the information systems and to areas of facilities controlled by access control system. Each of the information systems and facility protection systems sends event data to the computer server when an event occurs on its respective system, and an event transaction processor in the computer server determines action(s), if any, to take in response to one or more received events and accordingly sends action data to other information systems and facility protection systems to instruct such systems to automatically respond to security risks representing by such events in real-time. Central management of users and their access privileges, and monitoring of events is further provided.