Brian Iverson is a Research Director in IT Leaders Systems, Security and Risk at Gartner. His main coverage area is identity and access management (IAM), which encompasses a broad range of technologies and processes, including user administration/provisioning, access governance, web access management and federation, directory services and virtual directories, and privileged access management. He also covers the business side of IAM, including strategy, business cases, and working with consultants and system integrators.
IAM Program Leader
Chief Security Officer (CSO)
Chief Information Security Officer (CISO)
Chief Risk Officer (CRO)
Mr. Iverson provided information protection and identity and access management services in a broad array of industries over the years, most often for financial services, retail, information technology, pharmaceuticals and state government clients. His primary role with client projects was architect, helping clients to envision and achieve their business goals through the use of information technology.
Director Advisory, Information Protection & Business Resiliency
Northwestern National Life Insurance Co.
Corporate Information Center Systems Analyst
Security and Risk Management Leaders
Identity and Access Management Program (retired)
Delivering Effective Identity and Access Management Capabilities (retired)
Privacy Management Program (retired)
Security of Applications and Data
B.S., Economics, University of Minnesota - Twin Cities
1Identity and access management strategy, roadmap, business case, architecture, staffing and operations.
2Identity governance and administration (IGA), managing accounts and entitlements in distributed systems, provisioning, access requests, role-based access control (RBAC) and access certification.
3Segregation of duties (SOD) controls monitoring, managing access for applications with complex, role-based authorization models (such as SAP, Oracle, PeopleSoft, etc.).
4Identity and access management (IAM) professional services, which include consulting, system integration, and managed and hosted services.
5Password management, which includes password synchronization and self-service password reset (SSPR) for heterogeneous environments.