Identity & Access Management Best Practices
Identity and Access Management (IAM) isn’t something you do once and then forget about.

With risks of a cybersecurity breach growing daily, it’s critical to control who has access to sensitive data.  

More companies are outsourcing to specialists or using external experts posing the question of what data should each be able to access.  Other companies allow most employees to access sensitive data which can run afoul of regulatory requirements.  

Companies need to establish or update their policies and procedures for Identity and Access Management (IAM).

This paper presents best practices in the form of a high-level roadmap guiding you from highlighting consensus building across the organization, project planning, to getting a solution implemented, allowing you to maintain your Identity & Access Management Program and align it with regulatory compliance and audit needs.

Table of Contents

Starting at the end… find your pain points

Begin the journey to governance by looking at the pain points you face today

Developing a sales pitch

Identity Management implementations appear destined to fail, let’s meet your steering committee

Meeting regulations and setting priorities… getting funding

IT security IAM projects seem to be an Oxymoron for ROI, how do we find true value

Don’t blame your IAM vendor or your implementer

Developing a strategic phased approach will require you to do a gut check on your data, procedures and current application provisioning strategy…. also start staffing your IAM team

The checklist for vendor selection

How to get ready for the power point invasion… but you may get a free lunch!

Vendor Selection

No jokes here, just solid advice on ensuring you buy only what you can implement this year

Implementation Planning

Roll up your sleeves and don’t get started… unless you have an internal support team and you met your PMO/SDLC’s pre-requisites

Implementation Execution

Executing your plan within a changing environment

Transition to Support

Ensuring all the promised functionality was delivered along with the “non-negotiable” As-Built

Access Recertification & Entitlement Review

Leveraging automation to ensure regulatory compliance and easy audits

Download our whitepaper “Identity & Access Management”


  • Should be Empty: