How does the IAM/IAG organization look like that will make your project succeed? Do you need to split governance and execution? What about the business-facing layer of Access Governance and the technology-facing layer of Identity Provisioning – to you need to split your organization here as well? What about the management of users and access at the system level? How to handle this, how to integrate the Active Directory administrators and the SAP security professionals? Is IAM something that needs to be handled apart from the rest of Information or IT (Technology) Security?
Having the right organization in place is key to success. Defining responsibilities and accountabilities for guidelines, processes, and technology right will help you in succeeding. Having clear interfaces between various layers and to the business is as important as having a well-defined interface to IT Governance and Corporate Governance.
In this session, Martin Kuppinger will explain his view on the ideal IAM/IAG organization, based on his experience from a vast number of advisory projects and customer feedback.