Who are the stakeholders for an IAM project?

Who are the stakeholders for an IAM project?

By: Arnout van der Vorst

In order to execute a successful Identity and Access Management (IAM) project, it is important that all stakeholders are involved. Too often, IAM is still primarily seen as a technical ‘IT party’. This not only increases the risk of issues during its deployment and acceptance, but also the likelihood of not fully utilising all the capabilities IAM offers. People use IAM functions on a daily basis, which is precisely why you want to get it right the first time.

If you involve all relevant departments and specialists from the start of the project, they can often provide valuable input to assess the requirements and impact of the solution, and help you achieve your goals. This goodwill and assistance are especially important because IAM project teams often do not have formal power or authority.

But which stakeholders should you involve? The stakeholder analysis for an IAM project often includes more parties than for standard IT systems. After all, IAM forms the central point of access to all company systems and data for all employees. That means a thorough stakeholder analysis is an ideal starting point for your project. The stakeholder analysis will differ per organisation, but generally, you will certainly encounter the following parties.

IT-management

The IT department is not only responsible for ensuring the IAM solution is technically feasible and meets the technical requirements. The results must also align with the strategy, policy and needs of the organisation. In order to achieve this goal, the IT department works closely with stakeholders such as HR, Security management and Finance, which we will explain later in this blog post. But even within the IT department itself, there are multiple parties we must identify, each of whom have their own interest and role in the IAM project. Examples include:

  • The CIO: IAM is a central platform in the IT landscape and plays a critical role in information security. Therefore, it is important that the CIO, as the direct sponsor of this project, allocates sufficient resources and personnel for deployment and maintenance. The CIO is also closely involved in coordinating with other stakeholders – such as Security and HR management – as these often concern strategic issues.
  • Application managers: The IAM solution is literally the hub in the IT web and will be linked to numerous company systems. We are not only talking about the numerous (sometimes dozens of) target systems, but also about the directory system and the HR application that serves as the source system. The application managers of these systems are crucial in assessing the integration and technical aspects. Ensuring good coordination with them will make the progress of your project much smoother.
  • Helpdesk: The IAM solution is very visible to the end-users. Therefore, it is important that the adoption of an IAM platform goes smoothly and that users are well supported in case of queries and any problems accessing systems and data. The first contact with these users is handled by the IT helpdesk. This makes the helpdesk an important customer of the IAM platform, so make sure to involve this team in the design and implementation phases. The IT helpdesk must understand how the solution works, and it must have the right tools and procedures in place to effectively support end-users.

IT-management als stakeholder

Security and Privacy Management

IAM is not merely a technical solution that – as is the case for other applications – simply needs to comply with security standards and requirements. The CISO will be actively involved in the platform choice because it plays a key role in access security for all employees and all available applications and data. Thanks to the integration of Identity Data Unification (IDU) processes, account management and role-based access control, IAM is an essential tool in preventing data breaches. It is also the primary data source for audits and investigations into security incidents. This means that the CISO and the wider security and privacy team must be actively involved from the very beginning of the project. That means it is crucial to partner with them during the IAM project.

Security en Privacy Management als stakeholder

HR management

A future-proof IAM ideally uses the official HR personnel data as the source for user accounts. This prevents mismatches between the list of accounts used and the actual personnel roster. Accordingly, your organisation’s HR department will be a key stakeholder. The HR organisation and systems do not need to change their operations, but the HR system must be linked to the IAM platform. Close coordination with HR is needed to determine which employee data can be exchanged through this connection.

HR-management als stakeholder

Your HR manager, in return, also has a lot to gain. Thanks to the link between HR and IAM, we can further automate the onboarding of new employees. As soon as someone ‘exists’ in the HR system, their account and user rights are automatically created and activated. In addition, during job changes, employees can be provided with updated rights and applications on a fully automated basis. And when someone leaves the organisation, IAM ensures they immediately lose access to sensitive personal data.

Not only does the HR system supply data to the IAM platform, but the IAM platform also creates user accounts for employees on the HR system, allowing employees to manage their own personnel data. This ‘closed loop’ between HR and IAM serves as an additional confirmation that the hiring process has been properly completed.

End users

An IAM solution not only strengthens security for accessing applications and data in an organisation, but it also simplifies tasks for end-users. For example, HelloID offers a feature that allows employees to only log in once, gaining immediate access to all their apps and data through Single Sign-On. Additionally, employees can conveniently request extra applications via the Service Automation module. Getting input from end-users and managers in the IAM project ensures the platform aligns with their requirements and is user-friendly. By having some end-users participate as ambassadors (for example, as testers), you can also facilitate acceptance and adoption within the organisation.

Eindgebruikers als stakeholder

Finance management

The finance team usually takes a close look at the costs and investments involved in an IAM solution. It is a good idea to engage them in a conversation about the benefits of an IAM project. It is common for organisations to end up spending thousands of dollars per employee annually on software licenses. A frustrating part of this is the significant amount spent each year on ‘dormant licenses’, which range from unnecessary individual application licenses to accounts of employees who are no longer with the organisation, but still have active accounts. An IAM solution like HelloID provides clear insights into who has access and the IT impact on each department or business process.

Finance Management als stakeholder

Importantly, HelloID can also automate the deactivation of redundant accounts and licenses, cutting unnecessary costs. It is crucial to involve your finance specialists from the start of the project. Together, you can identify potential savings alongside the costs. This approach can transform your finance manager into an advocate for your project.

Keep this 360-degree analysis up to date

Start your project by taking a comprehensive look around your organisation to determine the relevant stakeholders that need to be involved. It is important to think creatively. For example, if your organisation uses a flexible workforce, you might need to liaise with the agencies that supply these workers regarding their user accounts. Similarly, consider students at universities who are often registered in a separate student system rather than the standard HR system. Aim for a complete 360-degree analysis, and regularly update your stakeholder analysis with new insights to ensure it remains current.

Arnout van der Vorst
Meet Arnout van der Vorst, the inspiring Identity Management Architect at Tools4ever since the year 2000. After completing his Higher Informatics studies at the University of Applied Sciences in Utrecht, he started as a Support Worker at Tools4ever. Since then, Arnout has advanced to become a key figure within the company. His contributions range from customer support to strategic pre-sales activities, and he shares his expertise through webinars and articles.

Others also viewed

Why do you need an IAM solution?

Why do you need an IAM solution?

29 August 2022

How a Service Automation Solution Helps Your Organisation

How a Service Automation Solution Helps Your Organisation

31 October 2022

How a User Provisioning Solution Helps Your Organisation

How a User Provisioning Solution Helps Your Organisation

27 September 2022