IAM projects often take too long and cost too much. Why?

Risk management

  • Data quality:
    • Nonstandard, disconnected IDs
    • Incorrect, old identity data.

  • Combine automation and self-service for clean up.

  • Never-ending role engineering:
    • Role based access control is a good objective, but...
    • It can be slow and costly to develop and maintain roles.
    • Some users just don't fit.

  • Start deployment with just a few roles.
  • Add roles gradually, based on demand.

  • Too many workflows:
    • Defining too many forms, processes takes too long.
    • One form, one process per change type? Per system?

  • Implement a generic change management system.
  • Custom forms for just the most popular requests.