A Technical View of BPM & Identity Governance

Building on Mark’s post from earlier this week, I want to add that I think the industry needs to get out of the mindset of thinking of “the business of identity” as an IT tools problem. For sure, provisioning has the potential to provide a consistent transactional “bus” for the identity change activity. But today’s provisioning tools lack a governance foundation – a comprehensive model-based approach that’s owned and maintained by the business.

By definition, governance is the process of setting policies and evaluating compliance and alignment with those policies. Today’s provisioning tools only focus on providing a transactional “last-mile” for the account management process – a process used primarily by help desk or identity administrators. In contrast, identity governance solutions like SailPoint take a business-process approach to identity, designed to engage the business user in the governance process. To achieve this, we’ve really had to re-think the identity management use cases full stop. Products like ours provide a new user interface to identity for a new class of identity owner – the business user. By taking a business-process and model-driven approach to the identity, we do end up subsuming many of the poorly defined and cumbersome business processes within today’s transactional provisioning layer.

That’s the evolution of enterprise software. New approach, new models, new target solution.