Historically, many organizations have leveraged Identity Lifecycle Management programs to manage the increasing quantity of digital identities. In practice, identifying potential inefficiencies or gaps and measuring IAM effectiveness remains a challenge. Measuring the effectiveness of an organization’s controls and changes in risk landscape is necessary to improve an organization’s security posture. “You can’t manage what you can’t measure.”
It is important to emphasize that PKIs in themselves are just KPIs. The effectiveness of an Identity Hygiene program can only be improved if the findings are used to drive action. Providing a prioritized approach to risk reduction. There are three fundamental steps—measure, report, and improve—and a feedback loop in the LCM of the KPIs. All three steps are equally important and should be regularly repeated as part of an IAM continuous improvement strategy.
In this session, Fredy makes the case for the importance of KPIs to an Identity Lifecycle Management program. All in all, he provides recommendations for implementing the three-step process for KPI lifecycle management.