Gartner Expert

Brian Iverson

Research Director

Brian Iverson is a Research Director in IT Leaders Systems, Security and Risk at Gartner. His main coverage area is identity and access management (IAM), which encompasses a broad range of technologies and processes, including user administration/provisioning, access governance, web access management and federation, directory services and virtual directories, and privileged access management. He also covers the business side of IAM, including strategy, business cases, and working with consultants and system integrators.

Roles and responsibility

IAM Program Leader

Chief Security Officer (CSO)

Chief Information Security Officer (CISO)

Chief Risk Officer (CRO)

Security Architect

Security Analyst

Previous experience

Mr. Iverson provided information protection and identity and access management services in a broad array of industries over the years, most often for financial services, retail, information technology, pharmaceuticals and state government clients. His primary role with client projects was architect, helping clients to envision and achieve their business goals through the use of information technology.

Professional background


Director Advisory, Information Protection & Business Resiliency

Century Design

System Administrator

Northwestern National Life Insurance Co.

Corporate Information Center Systems Analyst

Areas of coverage

Security and Risk Management Leaders

Identity and Access Management Program (retired)

Delivering Effective Identity and Access Management Capabilities (retired)

Privacy Management Program (retired)

Security of Applications and Data


B.S., Economics, University of Minnesota - Twin Cities

Read More Read Less

Top Issues That I Help Clients Address

1Identity and access management strategy, roadmap, business case, architecture, staffing and operations.

2Identity governance and administration (IGA), managing accounts and entitlements in distributed systems, provisioning, access requests, role-based access control (RBAC) and access certification.

3Segregation of duties (SOD) controls monitoring, managing access for applications with complex, role-based authorization models (such as SAP, Oracle, PeopleSoft, etc.).

4Identity and access management (IAM) professional services, which include consulting, system integration, and managed and hosted services.

5Password management, which includes password synchronization and self-service password reset (SSPR) for heterogeneous environments.

Latest research and insights