Once again time to hit on this theme and repeat it. Good advice cannot be repeated enough.
This cannot be stressed enough. From all of the identity projects I have worked on, there is a direct correlation: No Identity project has been successful without an Identity Steering committe (although the opposite is not entire true – some projects with Identity Steering Committees have ended up in the weeds).
Because IdM projects reach out to different portions of the organization and are not completely the domain of IT, you have to have consensus if such an enterprise-wide effort ever has the chance of succeeding. Unlike Directory and Access Manager projects, which can be pulled off as an IT only effort, IdM projects cut across company business units.
Complaince folks need to have a say in the project that will result in the automatic provisioning of user accounts into SOX controlled financial systems. Security will need a place at the table too.
Include in the Network and Firewall folks, who have the power to cripple your IdM infrastructure by limiting the systems it can reach to. The support organization will have a say, as user self service screens will lower the amount of password resets they have to handle, but now they must learn how users get accounts in systems and be ready to lend a hand for complex support issues.
Finance will also probably be interested as well. About 15% of the IdM projects I know of are not run by the IT wing of the company, but by the Finance group as a compliance project. So you might end up reporting to a project sponsor who has not IT experience in project work.
And don’t forget, your platform will be touching many established fiefdoms. The Oracle ERP team, the SAP team, the Windows team, SAP, Peoplesoft, etc. All will initially consider your management of their user accounts a threat. And don’t forget to get senior management involved. There are times on an IdM project it will be critical for CxO levels to discuss and decide disputes.
So, the best way to placate everyone is to give them a say in the IdM project. And a Steering Committee is just that. They should meet (con call is fine) every other week and we recommend they meet once a year to review project status. The sterring committe should decide what phases of IdM to address first and get agreement on the overall approach and dispute resolution.
This is not a Identity Center of Excellence, but the steering committee where all business units can gather and discuss the impact of the IdM project on the entire organization.
One of my favorite quotes was a project manager who said they did not need a steering committee, “it would only slow things down on the project”. Here we sit in September 2006 and that manager’s project has not even started. I would still recommend they form a steering committee if for no other reason than having them decide what the IdM project should do.
Leave a Reply