4 minute read time

Identity Governance and Administration is a Team Sport

by   in CyberRes by OpenText

After five decades of obscurity, the Kansas City Chiefs were finally able to transition into the NFL limelight. As a reference point, the Chiefs went 46 years (1969 to 2015) without a playoff game victory. Before that, one year earlier, in their seventh season, the 1969 Chiefs racked up an 11–3 season record, won all their playoff games, and capped it off by beating the heavily favored Minnesota Vikings in Super Bowl IV.

Andy Reid and Brett VeachWhile there has been a lot of focus on Andy Reid's coaching and Patrick Mahomes QB talent, less has been said about the general manager (GM) Brett Veach's contribution to building a Super Bowl team. While coach Reid's ability to connect with players and design plays that work for them, Veach has played a crucial role in bringing talent through the front door. Before taking on the mantle of the Chief's GM, Veach was personnel director, which served well as a spot for him to be groomed for the position.

Beyond transforming the team's personnel these past five years as the GM a couple of years ago, Brett got ahead of the daunting task of navigating the team through its potential salary cap issue. The NFL's most dynamic receiver, Tyreek Hill (Cheetah), had made it clear that he was expecting a contract reflecting his status. Rather than letting such a deal force the Chiefs to put all their eggs in one basket, Veach and Reid went to work to reinvent the team by transforming it to be positionless. As a guest on ArrowTechPride, Brett clarified their strategy: “It's speed, which goes with the player's aptitude to be able to come in and learn plays coach [Reid] likes. Coach Reid likes to create matchup problems and he likes offensive players that can play multiple positions, so if he wants to get to a player or a look that's successful, it doesn't have to be that same player running that play. We like receivers that can play inside and outside, and we like running backs that can play in the slot, so anytime you get speed and versatility, those guys are high on my priority list.”

Using Patrick Mahome's QB skills as their foundation, Reid and Veach work together to design a game plan independent of the rest of the individuals of that offense. This approach not only helped the Chiefs navigate the future without the Cheetah but will also help them work through other up-and-coming cap challenges in the future.

Meet The IGA Team

Like team sports such as football, successful identity governance requires participation and follow-through from several vital participants.

While ideally, Identity Governance initiatives have executive sponsorship (typically a chief compliance officer, CISO, or CIO) as the IT Director or Manager, you have the specific responsibility of playing QB as you direct the greater team. The typical team consists of personae like these:

IGA Administrator – has the ongoing responsibility for management and maintenance of the IGA deployment. In addition to the day-to-day care and feeding, they must work with the business stakeholders to translate business needs into product policy.

Solution Architect – works with the other personae to set policy for who should have access and what level of access (what permissions/entitlements). They often are responsible for defining appropriate change control processes and procedures. They also ensure that the software supports and/or adheres to current company standards (both software and security standards).

Compliance Manager – needs to work with the other personae to ensure the level of access to applications and data adheres to compliance policy. To do this, they work with change management to ensure any changes in access policy (applications and data) do not violate any compliance mandates. They fight the constant challenge of keeping up to date with the plethora of regulations around the globe and what impact/potential impact they may have on the organization.

Application Owners – This role works with IT and the consumers of their information to set policies for who should have access and what level of access (what permissions/entitlements). Together they define what appropriate access is and isn’t. Either they themselves or the IT folks they work with also need to be conversant on who should have privileged access to their applications.

End users and their advocates to the IGA team – these representatives work with IT and application owners to set policy for who should have access and what level of entitlements and other identity lifecycle events need to be implemented either initially or road mapped. They’ll likely help the compliance manager understand the levels of access that are needed.

Except for the IGA Administrator and compliance manager, identity governance isn’t any of these folks' full-time responsibility. In fact, it competes with their daily routine. While hopefully, it’s one of the executive sponsor’s top priorities, it may not be.

Helping the Team Reach Their Potential

If you’re reading this blog, you likely know yourself or through others that identity governance projects too often fall by the wayside, which is why I’m so thrilled in a couple of weeks to have Jim Montgomery from Trivir as a guest to talk about tips, tricks, and critical success factors needed for a triumphant deployment in this webinar, Scaling IGA to Cover the Whole Enterprise, on March 14. Jim brings a decade of experience helping organizations successfully deploy identity governance across a wide variety of environments. Jim does for identity governance what the Veach/Reid did for the Chiefs. He knows how to help you recruit the right players needed for a successful identity governance initiative as well as how to help you best utilize their talent.


Join our Community | Identity Governance and Administration User Discussion Forum| Tips & Info | IGA Idea Exchange 


Identity & Access Mgmt