Reinvent the Role of the IAM Leader

The major impacts of digital transformation will require a different kind of identity and access management leader.

Accomplishing business goals, generating revenue, driving organizational digital initiatives: Separate from technical service delivery, today’s identity and access management (IAM) leaders have significant new mandates that are driven by digital transformation.

By 2021, 40% of IAM leaders will have their job performance evaluated more heavily on the achievement of business objectives

By 2021, 40% of IAM leaders will have their job performance evaluated more heavily on the achievement of business objectives than on technical outcomes,” says Kevin Kampman, Senior Director, Analyst, at Gartner. “Security and risk management leaders responsible for IAM must embrace the opportunity to learn more business skills while sustaining their technical influence.”

Kampman identifies three overarching recommendations for IAM leaders to consider when charging forward in digital business.

Recommendation No. 1: Embrace the opportunity to learn more business skills and sustain technical influence by leading digital growth, experimentation, and change.

The CIO role is changing from passive and reactive to aggressive and proactive. This means IAM leaders should make IAM a consistent part of every business interaction and collaborate with upper management to establish associated operational priorities. “The successful IAM leader must learn to excel in recognizing what the business is attempting and how these capabilities formulate IAM needs. Likewise, he or she must extend relations to not only stakeholders, but also to peers in a variety of areas such as cloud and privacy to stay abreast of related initiatives,” Kampman says.

Gartner Identity & Access Management Summit 2018
Transform operations into opportunity
Attend

Recommendation No. 2: Collaborate with others in the business to orient people and resources in the achievement of business goals.

There is no doubt that cybersecurity is a deep concern for non-security executives, leaving IAM leaders in a good position to push their agendas. Their vision and roadmaps should illustrate how they will support and augment others in the name of IAM, including training, diversified staffing and clear objectives tying back to business goals.

The IAM leader’s role will change from a delivery facilitator to a business leader

“It is here that the IAM leader’s role will change from a delivery facilitator to a business leader,” Kampman says. IAM leaders must become more adaptable and open to change, and reimagine jobs throughout the IAM program, particularly for themselves.

Recommendation No. 3: Recognize and address the arrival of analytics in your IAM program.

The value of analytics provides IAM leaders with the tools to identify inadequate processes, technologies and policies that are present in existing IAM practices. Analytics also reveals how IAM can better serve business initiatives like digitalization, AI and robotic process automation (RPA). “Leveraging analytics means that IAM leaders’ focus can shift from cost control and streamlined processes to driving revenue and scaling digital business,” Kampman says.

As a result, he recommends the rebalancing of the IAM technology portfolio by considering the use of automation to prioritize business flexibility and growth.

It’s important that IAM leaders collaborate with the CIO and management teams through regular meetings to brainstorm, establish priorities and solidify a shared commitment to satisfy business priorities.

Gartner clients can read more in IAM Leaders Must Revamp Their Roles for Digital Business by Kevin Kampman and Felix Gaehtgens.

Get Smarter

Gartner Security & Risk Management Summits

Attend a global Gartner Security & Risk Management Summits.

Explore Gartner Events

How to Evaluate Cloud Service Provider Security

Security and risk management leaders continue to experience challenges to efficiently and reliably determine whether cloud service providers...

Read Free Research

The Top 10 Basic Changes Needed for GDPR Compliance

The EU General Data Protection Regulation (GDPR) hovers over organizations like the sword of Damocles, with fines theoretically at an...

Start Watching