February 17, 2011 – Identity and access management process requirements should always precede organization and technology decisions, advises Gartner Inc. based on recent research.

Identity and access management as a process permits a view across the landscape of business and IT. According to Gartner, identity and access management started out as a “fix the plumbing” concern. However, with the advent of risk and compliance, this has changed. In an era where accountability and transparency must be formalized, a more focused and structured approach is required for all parties affected, and not just IT.

“Between half and two-thirds of organizations attempting to establish a truly-effective identity and access management program approach it in the wrong way,” said Earl Perkins, research vice president at Gartner in a news release. “Currently, most identity and access management planning is done around clusters of technologies, rather than by addressing specific IT or business processes.”

First, identify where people and identity and access management technology can be most effectively inserted to fulfill the practices and policies of the organization, Perkins advised. Viewing identity and access management as a process helps an enterprise articulate its requirements and target them through prioritization of need. Identity and access management as a process can converge business and enterprise processes with IT processes and accelerating identity and access management program maturity for the long term.

Read more from Information Management about compliance and process here.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access