Authored by Daniel Poliquin, Principal of Deloitte Advisory Services.

You’ve likely heard tourists talk louder and louder as they try to communicate with locals who speak a different language. Business leaders and IT teams often have a similar language gap. It’s no wonder that technical solutions frequently don’t solve the business need they were intended to fill.

Many companies have very little to show for the vast amounts of time and money they’ve spent trying to prevent cyberthreats and improve IT system security. That could be because these enterprises have viewed identity governance as an IT problem when it’s really a business problem.

Identity Governance: A How-To

For the business to function efficiently, the right people need the appropriate level of access to the right systems at the right time. The business also needs system flexibility to develop new operating models, streamline processes and break down silos to continue to create sustainable value.

To effectively address these risks and opportunities, the business has to be actively involved in delivering an identity governance program that works. Here are a few tips for launching a business-led approach:

• Start with a clear vision. What does an effective and efficient identity governance program for your enterprise look like? Which assets are critical to protect? Who needs access to these assets? Why do they need access? When do they need access? How does this compare to your current state?

• Align key players. Bring together influential people from the business, IT and security to work together to fulfill your vision. Many companies also bring in a third-party adviser who is experienced in business transformation and implementing effective identity governance programs. These advisers should be able to translate business needs into technical requirements and vice versa.

• Develop the transformation plan. Many organizations have morphed over time, creating a hodgepodge of systems, processes and roles. Before a technical solution can be effectively implemented, organizations must have a plan to streamline and standardize their operations. This business plan then drives the technology plan.

• Implement the plan. When the business and IT share a common vision of the end state, they are more likely to gain the support of the people within their organizations and deliver a governance program that’s supported across the enterprise.

Of course, any transformative project is difficult to pull off, but we have found that when the business and IT are both actively engaged, the result is a more vigilant, resilient and secure enterprise.

Learn More

Attend IBM InterConnect 2016 in Las Vegas to join me and Andrea Rossi, vice president of Identity Governance and Intelligence Sales at IBM, as we discuss how leading organizations are dealing with identity governance.

Our presentation “Identity Governance: The Good, the Bad and the Ugly” provides an overview of trends driving the need for identity governance, how IBM’s new governance offerings bolster compliance and the top reasons why your business needs identity governance. The talk is scheduled for Monday, Feb. 22, at 4:30 p.m. in Mandalay Bay’s South Lagoon A.