Identity Access Management & Governance

Creating an Enterprise Identity Access Management Program

IAM Governance Processes, Policies, and Standards

To create the best practices Identity Access Management (IAM) program, it must be able to measure outcomes and provide real or near real-time updates. Performance indicators must measure the improvement of the program’s operations over time. The primary characteristics of an effective performance measurement are as follows:

  1. Relevance
  2. Understandability
  3. Comparability
  4. Timeliness
  5. Consistency
  6. Reliability

These characteristics are explained in greater depth in the following sections.

Setting Program Goals

Each enterprise has a mission and IAM provides critical success factors. Select goals that will focus your energy on improvements in three functional areas.

Identity Management - A person's identity (Identity Data Model) as defined by a number of attributes. The identity model and the associated attributes are derived from authoritative systems. This information must be consistent, timely, and accurate to streamline onboarding, transitions, and offboarding processes.
Identity Access Management - Define what systems and level of access a user should have on enterprise systems. Proper access management secures enterprise and customer data and mitigates risks.
Identity Governance - The ability to review user access and rights based upon changes in job function, risks, separation of duties, or other. An effective governance program is required to meet regulatory and industry compliance requirements.

Use your Program Goals to define a clear vision and build enthusiasm among the program participants. Set your Program Goals to support the mission.