Based on many years of experience, our consultants offer best practice methods to support your company in setting up an IAM – even before the implementation of an IAM solution. The procedure, method, preparation and collection of all relevant information as well as the involvement of the necessary stakeholders determine the success or failure of an IAM project. TIMETOACT supports you with initial assessments to determine your current situation in the various fields of action and shows you the way to IAM readiness.
In addition to vision, strategy, sustainable development and risk analyses, IAM processes and the development of an IAM organization also need to be dealt with. If desired, an independent product evaluation can also be completed with you. Our experienced consultants will guide you individually through the preparation using our methodology and accompany the entire project. Together with you, we will develop a realistic roadmap that can also be supported by your organization – in addition to day-to-day business.
Identity & Access Governance is primarily a matter of processes
All solutions that are introduced for this purpose ultimately serve company-relevant processes. In our opinion, the analysis, optimization and thus clear definition of the necessary processes must be the basis of any further decision. Our advisory team supports you with their longtime experience in these decisions and creates an IAM blueprint with you, which considers the current and future requirements of your company.
Our Advisory Services:
- Strategy Development
- Creation of Blue Prints
- Performing assessments
- Product Evaluations
- Readiness Ratings
Your Benefit from Advisory:
- Not all bad experiences must be made
- Support of IAM projects
- IAM Project Manager Coaching
Aspects of Advisory:
An IAG introduction or further development should be based on the idea of what goals it should pursue, what problems it should address and what significance it should have in the company. The vision can be limited to a pragmatic securing of the authorizations required for employees to perform their tasks, or it can aim for an ambitious embedding in the business strategy of the company.
The IAG vision represents the guideline for the continuous development of the IAG complex within the company. It does not remain unchangeable, but is continuously questioned and readjusted. To this end, relevant business, professional and technical aspects, influencing factors and developments are observed, and if necessary, re-weighted and supplemented. The IAG vision thus drives the evolution of IAG within the company. We help you to design and coordinate the various influencing factors.
The IAG strategy describes the path that should lead to the achievement of the overriding and long-term goals definied in the vision. It means a long-term framework for action, which describes architectural, technological, organizational and operational aspects in addition to a time schedule with a definition of the milestones to be reached and a projection of the resource requirements. The IAG positioning with regard to the Cloud topic in all its facets would certainly require a strategic consideration and fundamental decisions with long-term effects.
Just as the vision, the IAG strategy is not designed to be short-lived. Frequent change drives up costs and makes it more difficult to achieve the desired goals. On the other hand, the strategy will have to reflect changes in these goals, take technological developments into account or follow changes in the business environment. The IAG strategy must therefore also be continuously scrutinized and readjusted.
Our advisory team can support you with its experience from many projects.
When planning IAM projects, it is important to reconcile the views and wishes of the customer with the possibilities in terms of run times and (partial) goal achievement. The only way to do this is a time-based roadmap with phases and milestones that show realistically when what is possible. A detailed roadmap is typically a delivery object of the rough concept. Nevertheless, it makes sense to create a roadmap at an early stage of the planning process to capture the possibilities and feasibility on a timeline. In this way all parties involved have the same visual state of affairs and the expectations regarding the execution of a project can be set correctly.
IAG assessments are used to determine a company's position with regard to the topics of Identity & Access Governance in their entirety or for the sub-areas that are relevant or interesting for the company in question. The assessment is based on a list of questions that are grouped in context with defined topics (e.g. strategy, processes, governance, etc.) and thus illuminate different dimensions of Identity & Access Governance. The respective answer options are graded and thus contribute to an assessment of the found degree of maturity.
The number and level of detail of the questions define the depth of the assessment. High-Level Assessments are based on a smaller number of questions, can therefore be carried out in a relatively short time. Thus, they are also suitable for Self-Assessments. More intensive assessments are always offered as a consulting service based on ISO27001 and the BSI Grundschutzhandbuch (Basic Protection Manual), since the higher level of detail requires experienced consultants and the participation of the customer's specialists. The assessment can be adapted to customer requirements and is particularly scalable. Based on the detailed assessment, the potential for improvement and the need for action are also identified. If desired suitable measures to eliminate the deficits are suggested and ways to prove the success of the measures are shown.