IAM Project Intangibles


IAM Project Intangibles should not be just about you "can save some resources and may be reallocate a few FTE's to more value adding activities and show some efficiency and performance increase".

Sure that is a great way to start. When you are required to convince the companies board members to spend perhaps several million dollars, you must be able to present the awareness of other issues related NOT implementing the IAM Project. Some of those items might be similar to:

Non-compliance issues#

Non Compliance may cost you much more the ISM Project.

Unfortunate events Example#

In March 2007, a non-named company had credit cards and debit cards were accessed by computer hackers, exposing 45.7 million customers to potential theft from their accounts.

Outside security provider Protegrity has estimated that the company's losses as a result of the data breach may reach $1.6 billion in the years that followed the breach. The company admitted that the legal and and financial costs from the data theft cost it $20 million in the first quarter following the detection of the breech alone. The losses would come as a result of paying for credit checks and administrative costs for managing the fallout from the breach.

Note that these costs did not include the ill-will and loss of the companies own credit card usage.

Official action against the company in the form of regulatory fines made up a $1.5 million.

Or as one expert said, "The issue is a lot of companies really struggle with intangible benefits and risk profiles ... until, as he said, it's too late." He went on to say, ...in an environment where the intangible is brand value as opposed to just compliance"

Identity and Access as an Enabler#

One of the major ROI's for IDM is as an enabler or a mechanism to make an existing business process more efficient. IDM allows the focus of the "real" work of an organization to continue based on the Consistent, Specialized, and rapid management of identities without constant interruption of well, we have to wait; or someone messed up putting in the data.

On one client site, I was told that they had duplicate Social Security Numbers in their HR system that were as far as they knew, were valid.

More Information#

There might be more information for this subject on one of the following: