[Log In] []

Exploring the science and magic of Identity and Access Management
Thursday, April 25, 2024

Governance for Identity Management

Author: Mark Dixon
Friday, January 6, 2006
6:58 am

This morning I read a Burton Group white paper, “Survey: Getting Started with Identity Governance Management.” Here are a few key items I gleaned from the paper.

Based on Burton’s small survey (20 companies), it appears that some form of governance is in place for many Identity Management initiatives, but ownership of such governance is often unclear and methods for measure governance effectiveness are usually not in place.

Strong governance teams help increase quality and reduce risk. Identity Management governance requires strong leadership. Governance structures should fit the culture and principles of the organization.

Key elements in establishing Identity Management governance are:

  • Finding a senior management advocate or sponsor.
  • Finding an owner with responsibility and accountability.
  • Building a core team including:
    • A techie to answer the question, “Is this technically possible.”
    • A business process guru to provide information about business processes
    • A realist/skeptic to ensure goals are realistic and achievable
    • An auditor, to ensure that decisions and policies comply with regulations that may be imposed on the organization
  • Building a cross-functional team that includes representatives from all stakeholders, including:
    • IT decision makers and technical leaders for directory, networking, e-business and application development
    • Information Security management and team leaders or architects
    • Human Resources management and team leaders or architects
    • Data owners
    • Application owners

Properly implemented, governance structures for Identity Management should increase quality, improve response times, reduce incidence of support issues or non-compliance, and increase stakeholder satisfaction.


Comments Off on Governance for Identity Management . Permalink . Trackback URL

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.