The 5 steps for an IAM Journey

The first thing you need to do is creating transparency on your application landscape. This is something that many companies already struggle with. Once you have this, and you have built your foundation, start onboarding the applications as they are – one after the other. With this you get control over your landscape and learn how access requests are triggered. You learn which of your applications are mostly used, which of them change often and how much time you waste by managing the access manually. Make a decision of automatizing the access provisioning and improve your environment.

This might already take a few years depending the size of your company!

Once you are stabilized, start the role management transition – but do not believe that this will reduce your management effort. It needs a strong relation with your business functions and instead of reviewing personal access rights you turn it into role-reviews. This step needs to be carefully prepared and driven by a well designed data-minig analysis. Role management is not necessarily beneficial in all types of companies. Companies with individually designed departments have a very low repeating function, which might even increase the management effort. Companies with e.g., many subsidiaries that have same function, might heavily benefit.

Once, all these services are properly defined, you can turn your journey into a pure operational mode, which needs permanent Service Improvement actions and is driven by on- and offboarding of applications and roles.