Identity Management and Business

05.07.2007 09:06 Martin Kuppinger
Identity Management ? also an organizational challenge
A great deal of feedback on Roles Management and Data Quality
I always appreciate feedback on my newsletter articles – especially positive feedback, of course. Recently I was able to do so twice: The first positive feedback concerned my article about Roles Management in one of our latest newsletters, the second referred to the text on Data Quality some time before. In both cases, I would like to add some important thoughts to the discussion.

Maarten Stultjens of bhold, a leading vendor of Roles Management solutions, pointed out that customers sometimes had rather disproportionate expectations as to Roles Management and that some of them do no longer see the wood for the trees. Role Mining tools are often expected to have some magic power. They are supposed to generate a perfect solution out of the as-is state. This is doomed to failure, for the top-down developed target is more complex and must be able to map the operational rules and regulations for the enterprise.

The “wood” is not seen while first of all trying to set up all kinds of possible (and impossible, as I think) roles, instead of concentrating on central roles regarding responsibilities and contents, such as ownership of users, applications assigned to them and the collaboration of roles and rules.

It would be a capital error to think of the role model as a static structure. We must provide and support the management of its dynamic development. Roles must be maintained so that they can develop. From KCP counselling interviews we know that this is one of the main issues: Because the roles represent interfaces between the organization and IT, the mandates, i.e. the collaboration between the “general” organisation and the IT must be clearly defined since roles are highly determined by the organizational structure, the tasks and the job specifications as well as the defined enterprise rules.

Much more has been said about Role Management on the KCP European Identity Conference in May 2007, under the heading “Roles & Provisioning”. The topic was up for discussion within user reports, and during some interesting panel discussions with the leading representatives of the Role Management specialists in the IAM dealing with the challenges and the further development market it was raised as well.

The response to the Data Quality article in which I mapped out the need for an Identity Information Management came from Oliver Derksen. From his long consulting experience, he argues that the problem of many IAM infrastructures is the missing attention to the data quality and to the basic difficulties in designing a reliable, central data basis for identities. This is the way he put it: “IAM is not a product but a process which must be designed, implemented and continuously controlled.”

Not surprisingly, the statements are quite similar to the viewpoint of Maarten Stultjens (and of KCP). IAM is not a pure technical problem. In contrast, getting to a more mature state, it is developing to become an organizational issue far beyond IT. It is a task to be addressed not only by IT, but by the whole enterprise. Those who want an efficient, highly productive IT which is focussed on business- and organization-oriented thinking and acting, will also have to provide a basis for such an development. For instance, if a role management project fails due to a lack of communication between IT and organization, this shows that the enterprise management has not yet realized what the future IT will have to be like in order to solve the tasks of the enterprise in an optimal way.

It is one of the tasks of IT to express their growing influence by emphasizing a consequent business orientation in their statements. But the top management´s initiative is equally demanded. IT, today, is more than a field of technology and must therefore be closer integrated with the non-IT areas, above all the enterprise organization.

© 2011 Kuppinger Cole