Recommendations for aligning ITSM with IAM/IGA
1 Executive Summary
A single tool for all employee service requests is an attractive proposition to most medium to large organizations because of improved end user experience through convenience and familiarity, and the business’s desire to get additional value out of the ITSM system. As a result, many organizations are building functionality into their ITSM systems to respond to employee requests for anything and everything, including identity provisioning and access to the IT resources they need to do their jobs. Although this may appear to be a good idea and keep employees and the bean counters happy in the short term, this is a risky strategy because IAM/IGA functions are extremely important when it comes to information security and compliance.
Failure to fulfil all IAM/IGA-related service requests through dedicated IAM/IGA systems will inevitably lead to failures to document, log, monitor and manage these activities adequately. This in turn will lead to security and compliance risks. Another long term risk is that maintaining highly customized ITSM configurations to provide non-core IAM/IGA functionality could be challenging and costly, especially when the original developers and system integrators who were responsible for the modifications and understand how the code works are no longer available to provide support. This Leadership brief outlines how a middle ground might be achieved without exposing an organization to security and compliance risk.
2 Analysis
There is certainly value in having a single portal that everyone in an organization can use for all service requests, but it needs to be done in a way ...
Login Get full Access3 Recommendations
Organizations should resist the temptation to build IAM/IGA functionality within ITSM systems. Just because it is ostensibly an easy and cost efficien ...
Login Get full Access4 Related Research
Leadership Compass: IDaaS Access Management - 79016
Leadership Compass: Identity as a Service (IDaaS) IGA - 80051
Leadership Compass: Identity Governance & Administration - 71135
Leadership Brief: How to set up your IAM organization - 72548
Leadership Brief: 10 Top Trends in IAM - 80335
Whitepaper: Why Modern Enterprise IAM Must Be Rearchitected: Build Your Case for Containerized IAM and IDaaS - 80044