This document discusses measuring the performance of Identity and Access Management (IAM). It begins with definitions of key terms like measurement, performance, and IAM. Preliminary research results are then presented on IAM goals, priority setting, reporting structures, process maturity, indicator design, communication, automation, and coverage. The document concludes that a catalog of standardized IAM performance indicators will be published and that further research is needed, including a benchmarking framework.
Measuring the Performance of IAM (SIGS Webinar - 2020)
1. MEASURING
THE PERFORMANCE
OF IAM
David Doret
david.doret@open-measure.org
June 2020
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
2. AGENDA
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
Definitions
Research
Results
What’s
next?
DISCLAIMER
In this presentation I share
preliminary research results.
Take it with a pinch of salt until
final results are published.
3. PMS
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
DuPont &
GM1900s
Piecemeal
non-
financial
1980s BS1990s PMS2000s
Source: Neely, A., Bourne, M., 2000. Why Measurement Initiatives Fail. Measuring Business Excellence 4, 3–7. DOI:10/fvc7hh
4. DEFINITION: MEASUREMENT
Empirical
Assigning symbols
Building a model
Objectivity vs subjectivity
Units and scales
Measurement error
Source: https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1310994/Measurement+Dictionary+Entry
Reality Symbols (numbers)
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
6. DEFINITION: IAM
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
Source: https://open-measure.atlassian.net/wiki/spaces/DIC/pages/1409143/Identity+and+Access+Management+Dictionary+Entry
Objects
Identities
Access
Assets
Lifecycle
Joiner
Mover
Leaver
Layers
People
Processes
Systems
Domains
Workforce IAM
3rd Party IAM
Customer IAM
Technical IAM
Objects IAM
Goals
7. QUESTION: WHAT ARE YOUR IAM GOALS?
Business
Agility
Consumers
Management
Scalability
Business
Enablement
Costs
Efficiency
Compliance
Assurance
Digital
Transformation
Source: https://open-measure.atlassian.net/wiki/spaces/GOALS/pages/1442045/IAM+Goals
Information
Security
Resilience
Establish
Trust
between
Parties
Global
Workforce
Enablement
Optimal
Risk
Process
Automation
Improved
User
Experience
Productivity
Gains
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
8. PRIORITIES
Preliminary research results, take it with a pinch of salt
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q23
Secondary
Goal
Nice to
have
Not a
Goal
Primary
Goal
9. NOT HAVING THE GUTS TO SET PRIORITY?
Unknown
0,N/A
Focus
1-3
Scattered
>3
10. THE REPORTING LINE OF THE IAM MANAGER
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q22
Preliminary research results, take it with a pinch of salt
11. PROCESS MATURITY & INDICATOR SELECTION
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q24
Preliminary research results, take it with a pinch of salt
Managed
Defined
Repeatable
Optimized
Initial
12. PERFORMANCE INDICATOR DESIGN
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q27
Preliminary research results, take it with a pinch of salt
Agree
Neutral
Disagree
Strongly
agree
Strongly
disagree
13. PERFORMANCE INDICATOR PROCESS
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q28
Preliminary research results, take it with a pinch of salt
Agree
Neutral
Disagree
Strongly
agree
Strongly
disagree
14. PERFORMANCE INDICATOR AUTOMATION
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q30
Preliminary research results, take it with a pinch of salt
15. PERFORMANCE INDICATOR COMMUNICATION
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q29
Preliminary research results, take it with a pinch of salt
Agree
Neutral
Disagree
Strongly
agree
Strongly
disagree
16. PERFORMANCE INDICATOR COVERAGE
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.Q31
Satisfactorily
covered
Partially
covered
Not
covered
17. CONCLUSION
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
Sacrifice
Strategy
Primary goals
Performance
measurement
18. WHAT’S NEXT?
A catalog of standardized IAM
indicators will be published on the
Open-Measure wiki at:
https://www.open-measure.org/
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.
Complete
research
project
Standardized
performance
indicators
Benchmarking
framework
Help me and participate to
the research by filling in this
online questionnaire:
https://iam-performance-
2020-v1-3.questionpro.com
19. THANK YOU!
The Open-Measure project is an open-source, vendor-agnostic, not-for-profit initiative of
peer Identity and Access Management (IAM) professionals who wish to share experiences,
co-develop useful content, design standard performance indicators and generally advance
their profession.
The focus of the project is on Identity and Access Management (IAM) and its sub-domains:
Workforce IAM, Privileged Access Management (PAM), Technical Access Management
(TAM), Federated Identity Management (FIM), Customer IAM (CIAM) and Objects IAM
(OIAM).
Membership is free, you may subscribe at:
https://www.open-measure.org/sign-up
Open Measure by David Doret et al. is licensed under a Creative Commons Attribution 4.0 International License.