When beginning an identity governance program within an organization, it’s important to build a good business case. Determining what needs the organization has and how the program can benefit it is the foundation with which the program is approved and then undertaken. But what do you do once the program has been accepted and is underway? While the implementation may be going well and the issues you set about solving are becoming less of a problem, it’s important to stop and take stock at regular intervals and promote the successes and gains to the organization at large.
Luckily, the process you took to create the business plan in the first place can act as a mirror to how you can promote your program’s gains to your organization:
- Re-evaluate the needs assessment. Before you went down the identity governance path and procured a solution, you first had a problem or problems that needed to be solved. Perhaps it was as simple as automated self-service password resets. Maybe it was to comply with a new regulation or to reduce risk by gaining further insight into who had access to what systems in the organization. Now that the program is underway, it’s time to go back to the needs assessment and see how the organization is doing.
- How are you solving those original problems?
- Have any new ones cropped up? How are you addressing those?
- How are you quantifying the results you’ve seen and specifying how the effectiveness or quality of life has increased for those affected?
- Determine a new baseline. With your original business plan, you had to determine the baseline of operations: how long it took for a helpdesk ticket to be answered, how much it cost for daily operations and maintenance, or what your risk profile was. Do the same procedure for your current processes. Now that improvements have been made, calculate the percentage increases in productivity or decreases in time to resolution between the two baselines. Determine how much you’ve reduced risk or how much money you’ve saved the organization through reduced requests and increased productivity.
- Compare your current progress with the established goals. Every program must have some sort of goal or set of goals in mind. They result from establishing the needs of the organization, the current standard for how things are done and how well those processes are working. Have you surpassed your established goals or at least well on your way to them? What have you learned while implementing the program? Depending on how the program is doing, it may be worth it to set new goals based on the additional information you now have.
- Let the whole organization know. More than likely, the identity governance program you began affected the entire organization. From productivity-improving results such as easier and spreadsheet-free access certifications to money-saving provisioning or password reset processes, it’s not only important for those directly involved in the program to know how well things are going (and receive recognition for it), it’s also imperative the organization at large are directly told the impact of the program and how it’s made their lives easier. Utilize shared spaces such as collaborative forums to release the high-level information and statistics with departmental reports tailored to their specific interests and needs. Do all of this with an eye towards future programs and projects. It is much easier to go back for additional funding when your Phase 1 program is broadly viewed as a success by all stakeholders.
As you continue to implement your program, regularly demonstrate the progress and improvements it has made on the daily lives of your co-workers. By promoting the successes and gains from your identity governance program within the organization, you’re bringing to light the efforts you’ve made to secure your organization against outside (and inside) threats.
Find out how SailPoint can help your organization.