Identity management
Experience has shown that even the largest, most mature, progressive companies may struggle with the deployment of an identity management solution. The reasons for this are often that such an undertaking has a far-reaching impact, both on business and on technology, which is often not understood and anticipated. Our experience has shown that successful identity management implementations share the following key success factors:
- The entire company, including top and middle management, is conscious of the need for an identity management solution. This includes the introduction and execution of a formal communication plan. Also includes that any possible opposition is anticipated and buy-in is obtained from all stakeholders.
- Identity management is regarded as a business process: realising it is more about operationalising the solution than about a technical implementation. In addition, the identity management processes must be monitored to ensure long-term dependability.
- Data quality is given sufficient attention, both at the start with the initial provisioning and over the long term. The fact that business needs and the business context are ever-changing is well incorporated into the long-term maintenance process.
- Business, ICT, security and legal teams jointly take hold of the identity management project and plan and implement formal escalation procedures.
- An optimal balance between automatic and manual processes is sought, whereby the most frequent and error-prone processes are automated, reverting to manual processes for less frequent or exceptional processes.
Why Deloitte?
What are the success factors of an identity management solution?
The success of an identity management solution depends more on the care taken during the planning phases than on the technical implementation itself. To ensure these key success factors are realised, Deloitte developed its renowned i-MAAP methodology, Identity - Management, Authentication, Authorisation and Protection.
Deloitte started developing its i-MAAP methodology in 1997, long before most software vendors started developing related applications. Thanks to Deloitte’s business perspective, sound technological awareness, and availability of security experts, this methodology became a practical implementation aid rather than an abstract and sterile piece of work.
Deloitte's i-MAAP methodology is completely vendor, product and technology independent. This is proven by the fact that Deloitte has implemented different products, helped by the i-MAAP methodology. The i-MAAP methodology has been successfully adopted in numerous engagements for both industry and the public sector. It is designed to support any or all of the four phases of our security services: Assess, Architect, Align, Attest.
Material on this website is © 2013 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.