Security and risk management leaders responsible for identity and access management (IAM) often struggle to obtain adequate funding for investments in IAM capabilities. IAM leaders must provide a persuasive business case that demonstrates alignment of the program with business needs and provides metrics to define success.