Today’s blog is the second in our 3-part series in which we share lessons learned in enterprise IAM deployments. Last week, I shared best practices for building your team. Once you have identified the key stakeholders for your project and assembled the right team, you can focus on defining your project scope.
Enterprise IAM projects are complex, and since they involve many different parts of the organization, planning and communication are critical. So lesson #2 is “Clearly define your project scope and break it down into several ‘quick wins’ to gain trust and support from your stakeholders as you go.” Your first step at this stage is to work with your stakeholders to define and agree upon the top priorities and goals for your project. This will give you a better understanding of what you must achieve first.
Here are some things to keep in mind as you outline the project scope for deploying IAM in your organization:
Start with the end in mind
Your IAM journey should start with clearly stated goals and objectives. Knowing how your stakeholders will define success is critical at this stage of the project. A good first step is to write down and get buy-in on the key success factors. This will give your team a clear sense of direction and help provide guardrails for the important decisions that will be made throughout the project.
Break the project down into multiple phases
Most organizations try to accomplish too much at one time. This can lead project teams to over promise and under deliver. By breaking down your IAM project into multiple phases, the team can focus on the highest priority items before working on secondary deliverables. There are several ways to scope your IAM project. First, you can break things down based on current challenges facing the organization, such as audit deficiencies or escalating help desk costs due to manual provisioning or password management activities. Second, you can break the project into phases by focusing on a specific application or user populations that have the most critical needs – for example, addressing compliance requirements for SOX applications used by the finance and accounting departments. By focusing on a few “quick win” opportunities, you can help accelerate and build momentum for future phases of your projects.
Align each phase of the project to a specific business driver
As you break down your project into phases, look for opportunities to link directly to the major business drivers you defined at the outset of the project. This will help accelerate the path to progress by giving project stakeholders – everyone from management on down – a tangible reason to get on board and provide resources. For example, a compliance deadline can serve as the pressing pain point to strong and immediate project commitment that will align cross functional departments to quickly deliver results.
Don’t go it alone
Rely on independent specialists to augment your IAM project team to bring outside expertise based on experiences across a wide variety of successful projects. SailPoint partners with all of our customers during the definition and deployment phases of each project to make sure things get off on the right track. We’re also there in later phases of the project to provide best practice recommendations and guidance as things continue to progress. Another option is to work with a 3rd-party system integrator (SI) who has extensive experience implementing SailPoint’s products. Choosing an SI to assist with your project can help augment your project team with specific industry or project type expertise.
At SailPoint, we focus on the IAM needs of large organizations and global enterprises. We design our solutions from the ground up with this in mind – whether they’re deployed on-premises or in the cloud.
We’re proud to be the IAM solution for some of the most challenging environments in the world. Feel free to read more about how other SailPoint customers are phasing out their existing deployments and transitioning to SailPoint. Learn how Providence Health built its next generation IAM and how Equifax is making the most out of their provisioning replacement efforts by reducing risk at the same time.