InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
The best identity and access management (IAM) roadmaps focus first on solving business problems within the business context. This piece explains what a typical IAM roadmap entails and offers best practices for ensuring your IAM program supports the business
efficiently and effectively.
IAM programs vary depending on regulation, maturity, complexity, and organizational ownership. However, every good roadmap focuses on improving the core IAM functions: provisioning, de-provisioning, role-based access control (RBAC), entitlement and permission
management, and access certification. It should also be designed to solve a business case first, because solving the business case should provide overall improvements in identity management. Some ways to frame the project include:
Your IAM roadmap should have the following elements:
Depending on the state of the program, the following may also be in scope for the roadmap:
Most IAM programs have many moving parts and keeping everything working optimally can be difficult. Some issues to avoid include:
The best IAM roadmaps focus on supporting business initiatives and ensuring stakeholder needs are met. To improve the chances of success, organizations must:
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
December 6, 2022
By IANS Research
Improve your attack surface management plan using 9 steps to mitigate risk and strengthen enterprise security posture.
December 1, 2022
By IANS Faculty
Improve your vendor management program using six focus areas to benchmark program maturity and identify key pitfalls to avoid.
November 29, 2022
Learn how to integrate IT, OT and physical security programs to reduce risk, improve efficiency and streamline processes across the organization.