5 Simple Steps to a Successful IAM Program

Here’s why identity and access management leaders should create a shared vision with their organization’s stakeholders to enable success.

Great business leaders have clear and executable visions. The most successful ones are able to make their visions a reality. For identity and access management (IAM) leaders, this an everyday challenge as they are tasked with how to fund and find support for their IAM programs. But what if there were a simple answer to how IAM leaders can garner the organizational support necessary to influence change and improve the chances for success of their programs?

Developing a vision is the most significant step in building a successful IAM program

“Leaders responsible for IAM must create a shared organizational vision establishing the scope, objectives and priorities for their IAM programs,” says Kevin Kampman, research director at Gartner. At the crux of this vision is the need to carefully engage stakeholders to ensure their wants and needs are sufficiently satisfied to bring the vision to fruition. Kampman shares five simple steps that IAM leaders follow to create a successful vision and subsequent IAM program that emphasizes stakeholder buy-in.

Step No. 1: Identify IAM program stakeholders

Begin by identifying key stakeholders who influence and benefit from the IAM program. This includes not only establishing common goals and trust, but also working through inevitable issues such as lack of recognition, lack of interest or conflicting needs.

Step No. 2: Seek out credible stakeholder representatives

Engage with stakeholders through representatives. “The goal is not to turn stakeholder representatives into IAM experts, but rather to help them demonstrate that the selected program scope and priorities are reasonable,” Kampman explains. These representatives will support the IAM program’s vision by providing insight to shape the program objectives and acting as surrogates of the IAM leader.

Step No. 3: Generate political capital for your IAM program

Organizational politics often prevent change from occurring. As such, IAM leaders must accumulate strong political capital to mobilize change. An IAM program is more than a portfolio of projects that must be managed. It is an institutional repository for political capital. “Building relationships with stakeholders and being transparent help to establish trust and support for the overall program in the long run,” says Kampman.

Build resilience in a world of escalating risk

Learn how at Gartner Identity & Access Management Summit 2019

Attend

Step No. 4: Formulate a collective vision

Developing a vision is the most significant step in building a successful IAM program. It starts with an idea — an idea of who the stakeholders are, what their needs are and how the IAM program can help the organization. Creating a vision also requires engaging stakeholders and relevant staff members to work collectively and forge an agreement on what the IAM program priorities should be. This might occur through interviews, workshops or other interactions. No matter the approach, it’s critical that all stakeholders come to a consensus. “The vision enables the IAM program to secure recognition, authority and funding,” says Kampman.

He adds that an effective vision is one that tells a story and answers these questions:

  • What is the scope of the program?
  • Who is involved, how are they impacted and what are their needs?
  • What is the proposed set of objectives and priorities?
  • Where are the gaps in existing processes and technologies?
  • What are the constraints?
  • Were alternative approaches evaluated?

Step No. 5: Establish a working consensus and continually refine the IAM program

The momentum that established your IAM program should not stop once it is implemented. A successful IAM program is one that adjusts to industry change and stakeholder viewpoints. Periodic review and refinement will guarantee a long-lasting IAM program.

Gartner clients can read more in the report A Successful IAM Program Begins With a Vision by Kevin Kampman, et al.

Get Smarter

Gartner Security & Risk Management Summits

The latest insights on IT trends, evolving security tech and the ever-changing threat landscape.

Explore Gartner Conferences

Shift From Managing Risk and Security to Enabling Value Creation: SRM Leaders’ New Imperative

The moment has arrived for security and risk management leaders to act decisively to safeguard and support business objectives.

Read Free Gartner Research

Webinars

Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching