We believe that for the project to be successful, a number of critical factors must be addressed from a business, legal and technology perspective.  These are:

 

  • Strong executive support. Executives form an important support structure to an IAM program as they can marry IAM strategy to long term business strategy. They support the execution, sponsorship and awareness of the program top down.
  • Establish Digital Identity strategy first. This strategy highlights the importance of a digital identity in a business, be it for digital transformation or operational effectiveness and so forth. Sometimes a business would want to harness a digital identity beyond security requirements, possibly to increase top line growth by enhancing user experience on their online offerings across all channels of business. Digital transformation and projects thereof need digital identities to succeed on their mandate.
  • Use Open Standards too avoid vendor lock-in
  • No big-bang approach – do not attempt to roll out the IAM platform across all relying parties all at once. This hardly works in our experience.
  • Address less complex issues that are far reaching in terms of user impact
  • Stay close to the business. Always pay attention to the fact that business-IT alignment is one of the most important tasks facing today’s business and IT executives.
  • Plan for agile Identity Management projects with short duration in mind but with focus on the long-term strategic goal of the IT.
  • Strong executive sponsorship and management support of the project mission and project team.
  • Have clear definition of objectives, success criteria and requirements.
  • Strong Project and change Management coupled with rapid decision-making.
  • Agreed acceptance procedure for work packages.
  • Appropriate project resourcing by all parties involved in order for the expected goals and timeline to be addressed (including sufficiently “empowered” staff with appropriate skills and adequate time dedicated to the project).
  • Clear definition of roles and responsibilities for the project in order to ensure accountability, ownership and quality.
  • A committed and well-informed Project Manager and project team having a thorough understanding of the project mission, goals and milestones of the project.
  • Have a comprehensive, well-defined project work-plan and engagement plan.
  • Ensure that there is a well-defined and maintained project infrastructure throughout the project duration.
  • The project team must have a thorough understanding of known project risks and assumptions.
  • Provision of all necessary project infrastructures (e.g. hardware, software, desks, chairs, telephones, etc.).
  • Grant timely and unrestricted access to buildings for the purposes of conducting the project.
  • Human Resource Management policies.
  • At the conclusion of the project, You should have in their staff compliment, a number of trained and appropriately skilled resources to support the system. They would be valuable, not only to You, but to industry in general as well.
  • In terms of retention, it would be advisable for your Human Resources department to consider various options, possibly in consultation with the consultants and your preferred recruitment organization to define an appropriate policy.
  • You must be responsible for signing-off user acceptance testing, system integration testing of the application and final solution in accordance with the project methodology.
  • Always maintain and backup all the custom code using a  subversion system or similar code source repository
  • You must perform organizational change management activities such as developing and deploying an effective communication plan and security awareness campaigns
  • You must develop and clearly document all IAM related organization-specific policies and procedures
  • Ensure You security project team will be available and participate in project activities to facilitate successful knowledge transfer.
  • Ensure that there is sufficient and tested backup and recovery processes and procedures of the system environments.
  • Ensure that the key resources are experienced, have sound business knowledge, are empowered to take decisions, and are available as per the Project Work Plan, which is to be established during the definition phase.
  • Ensure that the key resources must be dedicated to the project and spend at least 6-8 hours per day on the project, especially in the first ¾ of each phase.
  • Where parallel implementation of modules or IAM streams, ensure that the business resources will have adequate availability to provide input into more than one module and process, where applicable.
  • Software licenses must be purchased and installation material made readily available in time.