Chief Evangelist André Koot has been focusing on the field of Identity and Access management for 20 years. His message is clear. IAM is no IT party but a change affecting all business processes. Collaboration between different departments is therefore crucial. In this blog series, we asked him the most pressing questions about why IAM implementations are so often unsuccessful. This article explores some common mistakes when implementing IAM software.
What are the most common mistakes made when implementing IAM software?
Neglecting Business Involvement
“There are so many common mistakes. The biggest mistake is that the IAM implementation is approached as an IT project and the business is not sufficiently involved. The business processes, working methods and mutual agreements belong to the business and cannot be set up in the desired way by IT without their involvement.
Underestimating Time and Effort
Apart from lacking business buy-in, we should mention lack of time and effort. Implementing the first phase of IGA will take only a small amount of time. But it will take more in the next phases: more connectors, more workflows, more reports, more roles… Still this sometimes is underestimated.
Falling into Scope Creep
Another failure is due to scope creep. One key thing to convey here is the importance of focus. Don’t start exploring all features and adding more connectors and reports. Take it easy. Implementing IGA, and more specifically access governance, will result in organizational change. That’s not just a task for a sunny or rainy afternoon.
Impulsive Partner Changes
And by all means, don’t change implementation partner just because of some issue. Every implementation will hurt. Every time people will be blocked, accounts and authorizations revoked, documentation forgotten. It will happen.
Embrace Change with Patience
Again, take it easy, be patient. IGA implementation might be challenging, but the benefits for your organization are worth it. Approach the process patiently, knowing that organizational improvements are on the horizon.
Background blog series
The installation of a new identity and access management software package is often approached as an ICT implementation. This not only brings risks, but also unnecessary costs and dissatisfied users. Companies grow and change. The digital age has brought about a transformation in many companies in which digital possibilities are increasingly used. This has resulted in many different applications and systems and sometimes a somewhat fragmented ICT landscape and decentralized organizational control. In doing so, there are more and more types of users using an organization’s digital assets. Such as employees, customers, partners, devices and things. In identity and access management, it is precisely important that these things are connected. Well, in a safe and thoughtful way. This blog series addresses this.