Identity Management projects vary significantly, depending on the business requirements and the existing environment. Experience has shown that it is unrealistic to expect one Identity Management solution to be applicable to all customers.

For this reason, and to provide the flexibility required to tailor an Identity Management solution to the individual customer’s needs, a ‘framework’ approach is adopted for each assignment.  This accommodates unique needs and allows an execution approach that best suits the individual customer.

The framework follows a typical Identity Management solution life cycle as illustrated in the diagram below.

The initial phases of the lifecycle focus on the business needs to be addressed by the Identify Management solution, rather than on the technology.   The majority of Identity Management projects originate with a business need that is technology independent.

Identity Management involves a wide range of technologies and solution options. The Identity Management Project framework has two main objectives:

• To break down Identity Management into core components to facilitate focus areas for development and execution.

• To stipulate a delivery framework and identify key service and solution offerings.

 Identity Management Core Components

The following core components are addressed by the Identity Management Project framework:

• Identity Provisioning:

  • Business Processes and Workflow

  • Policies (Security, Provisioning, Propagation, Ownership)

  • Directories, Meta-Directories, Virtual Directories, (identity) Databases

  • Role-Based Provisioning / Access Control

  • User Access Revalidation / Compliance

  • Life-Cycle Management

   

• Access Management

  • Single / Same sign-on

  • Federtation

  • Authentication

  • Password Management

The core components are helpful in structuring Identity Management projects and capability development.

Identity Management Delivery Framework

Most Identity Management Solutions are implemented using a phased (and iterative) approach.

The graphic below provides an overview of the various components within the Identity Management project framework.

The varied nature of Identity Management projects will likewise reflect in changes to the structure of the framework which will result in variants of the above.

The following text outlines the framework components:

Identity Management Discovery and Scoping

The Identity Management Discovery phase is usually undertaken as a fixed cost consultancy assignment intended for those customers who are interested in Identity Management but are unsure as to the scope and approach that should be adopted. The Identity Management Discovery phase will assess the applicability of Identity Management in the target environment and the report produced from the assignment can be used by the business to drive the further development of the Identity Management project. The deliverable of this phase usually includes a conceptual design, high-level road-map and highlights key business benefits.

Identity Management Requirements Analysis

The Identity Management Requirements Analysis phase documents the business requirements for Identity Management. During this phase the most appropriate technology suites should start to become apparent.

For Identity Management Solutions, the Requirements Analysis typically includes an Identities Workshop – a session where the main stakeholders and owners of identities meet to discuss how Identities are currently managed and how they should best be managed under an identity management solution.

Identity Management Solution Design

A design for the target solution is completed. Deliverables can include such aspects as:

• Detailed business workflows

• Detailed system workflows

• Design specifications for technical components

• Data synchronisation and validation plan

• Testing procedures

• Support and training plan

• Development and deployment plan

It will often be helpful to complete a Proof of Concept as part of this phase, and Business Readiness is assessed to consider impact and training requirements.

Identity Management Plot, Testing and Implementation

The proposed solution is finalised and implemented. Deliverables can include:

• Solution Development and Implementation Plans

• Deployed business policies & procedures

• Synchronized and validated production data

• Tested & deployed technical components

• Training programs

• Pilot implementation

• Identity Cleansing

• Production implementation

• Solution documentation

Protecting the Investment in Identity Management

Most Identity Management projects will result in a significantly different environment from both a technology and business perspective. As a result the deliverables of the Identity Management project will include significant supporting documentation. An important aspect for consideration by the business will be the ongoing support and future development requirements of the solution.

The Identity Management system that is delivered will likely be the foundation for further development and business growth and as such will require an in-depth knowledge and appreciation as to how to leverage the Identity Management infrastructure in the most effective way. As a result aspects such as support and maintenance and scalability need to be addressed in a thorough way to future-proof the solution and to ensure ongoing business benefits.