In addition to asking about specific features, there are several questions that are worth asking vendors. The following questions help in understanding the maturity of products and focus on potential breakpoints of projects.
Does the deployment model fit the business model of my organization?
Before starting to evaluate IDaaS vendors for their access governance capabilities, your organization must have a clear vision on what deployment method would be more appropriate to the business needs and operations.
What are your key differentiators?
Understanding the key differentiators between the different vendors is essential. Determine how important or relevant these differentiators are to your IAM program. This information can help to shortlist vendors.
How often do you release product or service updates?
or service updates? Many IDaaS vendors offer support for DevOps and while most product upgrades and releases can be transparent to the tenant / customer and consumer, some might involve service downtime. Understand how you can coordinate these downtimes with IDaaS provider to minimize service impacts and optimize overall availability.
How modern is the solution's architecture?
The focus should be given to modern software architecture solutions, such as using microservices, container-based deployments, and APIs that provide a more modular, flexible deployment, orchestration, and customization.
Do you specialize in serving specific IGA use-cases?
How do you help customers comply with data residency requirements?
Understand how IGA vendors can help you comply with the data privacy and residency requirements you are governed by.
Can I speak to some reference customers?
Finally, it is usually enlightening to speak to one or more reference customers. It is most helpful when the reference customer is in a similar industry and region.