10 years in Identity Management and SSO, so I thought I should voice my perspective from my experience:
- When the group owning and sponsoring IDM does not have a say on policies and infrastructure. This happens more in groups of companies where the parent organization does not have visibility into the infrastructure of the group's subsidiary companies. In some cases, a team responsible for finance IT will try to implement IDM for the entire group. In such a case, Finance IT may not have a policy-authoring relationship with the CISO or the IT security team. There is every chance that it will be a failure.
- When you run the IDM program as part of a divisional/operational applications deployment program. Running too many programs in one shot as an organization can lead to a lot of chaos. IDM will definitely fail if we try to include it in an implementation that focuses not on security but on some business automation. The timelines and project plan often overlook the complexity IDM brings to the organization, last-minute patch-ups lead to a lot of overrun, and in the end the organization does not eliminate the actual pain points IDM was meant to address.
- When you don't want to change the KPIs of existing application groups and IT teams. IDM brings a sea change in an organization's SLAs and KPIs. It needs management's agreement on changing people and processes (like a change in the job roles of current application administrators, a change in SLAs for access requests as more business users will now participate, etc.).
- When the management is not sure of the IDM implementation's depth. You may have a good technical team to create a sophisticated IDM architecture, but the business barely knows about the depth; they just think this is for the admins and not for day to day...
- When IDM is treated like a project with a limited time frame. IDM programs are long journeys that organizations have to embark on. Organizations need to have patience when it comes to ROI, and they should think of limiting the initial scope to achievable micro ROIs or stepping stones for a long implementation which may span 2 to 3 years.
- When the participation of application teams and functional owners is not scoped. This could lead to heavy delays, and that can lead to an ineffective implementation. A system integrator or consultant can only implement the technical solution. The functional solution normally lies within the organization.
The list does not end here. But I think I covered the most common ones.