Mature Your Identity and Access Management Program
Securely manage identities and their access from identity creation to deactivation.
RETIRED CONTENT
Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.Weak IAM practices result in considerable risk to the organization because it plays a role in most things in IT. Common reasons behind weak IAM practices include:
- There is no central ownership of IAM. Owners of IAM actions outside of IT (e.g. provisioning an account in an HRIS) may be resistant to adopting change.
- IAM processes are ad hoc and reactionary. Organizations do not have a high-level understanding of how identities and access is managed at the organization.
- The organization lacks technology to better manage their defined IAM processes. IAM software remains expensive and is often implemented before the people and processes to support that technology have been identified.
Info-Tech provides a high-level framework that helps organizations ensure they are following best practice at all stages of an identity's’ lifecycle.
- Identify the drivers behind improving your IAM practices.
- Develop best practice processes for each section of the identity lifecycle.
- Understand the benefits of using IAM software.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Module 1: Assess Identity and Access Requirements
The Purpose
- Understand the drivers, goals, and scope of the IAM improvement project.
- Explore the IAM challenges and risks that exist for the organization.
Key Benefits Achieved
- A list of goals for improving the organization’s IAM practices, based on the existing drivers and defined project scope.
- A list of the IAM challenges that the organization faces.
- A list of the inherent IAM risks because of the organization’s IAM challenge, and the risks that exist due to current IAM practices.
Activities: | Outputs: | |
---|---|---|
1.1 | Define the goals and scope of the IAM improvement initiative. |
|
1.2 | Identify the IAM challenges and risks that exist for the organization. |
|
Module 2: Identify Initiatives Using the Identity Lifecycle
The Purpose
- Identity areas of weakness within existing IAM practices and create improvement initiatives.
Key Benefits Achieved
- A better understanding of the strengths and weaknesses of the organization’s current IAM practices.
- A list of initiatives for improving the organization’s IAM practices.
Activities: | Outputs: | |
---|---|---|
2.1 | Investigate current and desired onboarding practices. |
|
2.2 | Investigate current and desired authentication practices. |
|
2.3 | Investigate current and desired authorization practices. |
|
2.4 | Investigate current and desired identity and access auditing practices. |
|
2.5 | Investigate current and desired offboarding practices. |
|
Module 3: Prioritize Initiatives and Build a Roadmap
The Purpose
Prioritize initiatives for improving IAM practices at the organization and incorporate them into a roadmap.
Key Benefits Achieved
The development of a roadmap for improving Identity and Access Management at the organization.
Activities: | Outputs: | |
---|---|---|
3.1 | Conduct cost/benefit analysis on initiatives. |
|
3.2 | Prioritize gap initiatives based on cost, time, and alignment with the business. |
|
3.3 | Build an effort map. |
|
3.4 | Determine initiative start times and accountability. |
|
3.5 | Finalize IAM roadmap and action plan. |
|