Identity Security Maturity Assessment
Question 1 of 6
Does your identity security program align to your overall business strategy, so that it is understood and utilized across your organization?
Rate the focus of identity security within your organization’s strategy
Not a focus at all
We do not have an organization wide identity strategy.
Somewhat of a focus
There is a very low adoption rate and focus is usually a tactical response to external stresses (e.g., compliance, security breach or business transformation).
Identity is a focus
Our identity program is digitized and scaled with wide adoption across the organization.
A strong focus
Our identity program is a strong enabler for business transformation, innovation and security resilience.
A very strong focus
Our IAM strategy is a pillar of our broader organization’s innovation strategy.
Which one of the following options is the closest representation of your Identity and Access Management (IAM) team’s operating model i.e., the way identity services are managed across your organization?
Rate the operating model of your Identity and Access Management (IAM) team
Not managed at all
Most forms of identities (e.g., employee, third parties, machines) are managed ad-hoc in silo-groups or not managed at all.
Identity management is mostly reactive and focused on fulfillment of service tickets, such as creating accounts.
Centralized IAM, organized based on specific tools (e.g., a team for directory services system or another team for identity governance tool).
Centralized IAM, organized on a product operating model with agile teams, there is a continuous drive for automation and Al.
Very strongly managed
Our operating model enables collaboration with external entities, it is a key control point to engage with our workforce and customers.
Which one of the following options is the closest representation of your organization’s Identity and Access Management (IAM) teams’ talent distribution?
Identify who manages the identity of your workforce
Mostly helpdesk staff manages provisioning and deprovisioning access.
Helpdesk & IT focused
Composed of mostly helpdesk staff along with a general IT team who maintains some basic identity tools.
Identity tool centric team
Tool/Product focused teams doing development on specific identity tools and supported by helpdesk and IT support staff.
Innovation focused identity team
Data scientist or automation engineers along with identity product engineers. Very lean helpdesk and IT support.
Distributed identity talent
Spans beyond the enterprise boundaries; there is collaboration with an ecosystem of other companies and other industry forums to enable distributed identity capabilities.
How would you rate your organization’s technical capabilities when adopting new identity tools?
Rate the capability of your organization to adopt new identity tools
Very limited capabilities
Either no tools or some legacy directory and access management tools.
Some identitiy tools implemented but low adoption across the organization (e.g., some capabilities in pilot mode such as lifecycle mgmt., access reviews, and Privilege Access Management but cover <50% of the organization).
Identity tools have been adopted across a majority of your organization.
Capabilities adopted at scale and integrated with SecOps – detection and response correlated with identity.
Very strong capabilities
In addition to having IAM capabilities adopted at scale and integrated with SecOps, your organization supports the future of identity. Can accept Universal IDs provided by institutions or decentralized IPs, dynamic trust models, identity integrated with security and data governance, frictionless access.
Which most closely aligns to your IAM automation capabilities (e.g., account creation, access provisioning, access reviews)?
Rate the automation capabilities of your organization
Most if not all capabilities are manual (manual fulfillment of access, access reviews).
Some capabilities are automated but the majority are performed manually.
Automated IAM capabilities with 80%+ transactions automated (e.g., lifecycle mgmt., provisioning and deprovisioning of access). Additional capabilities such as Segregation of Duties and Privileged Access Mgmt. adopted at scale.
Highly automated capabilities with Al driving decisions based on risk estimation.
How would you rate your organization’s technical capabilities towards coverage of additional identities?
Rate the capability of your organization to cover additional identities
No IAM program coverage of machine identities and environments such as cloud and SaaS applications.
Limited coverage of additional identities such as machine identities. Environments such as cloud and SaaS apps are mostly manually managed.
Additional identities such as machine identities and environments such as cloud and SaaS applications are managed at scale and automated.
Very good coverage
Identity coverage spans most identities and environments are linked to data governance (structured and unstructured) and cloud workload level access.
Fill out the form below to get your personalized assessment results and to contact our identity security specialists.
Your identity program is …
You should be …
Download your report
Your download will contain a PDF of your personalized results plus a copy of the full horizon content from the beginning of this assessment