Identifying potential inefficiencies or gaps and measuring IAM effectiveness remains a challenge.
Over the past 10 years, many organizations have implemented or introduced IAM programs to securely manage the increasing quantity of digital identities. In practice, identifying potential inefficiencies or gaps and measuring IAM effectiveness remains a challenge.
Measuring the effectiveness and efficiency of an organization’s controls or changes in the risk landscape is necessary to improve an organization’s security posture.
“You can’t manage what you can’t measure.”
It is important to emphasize that PKIs in themselves are just KPIs. The effectiveness of an IAM program can only be improved if the findings are used to drive decisions and actions, providing a prioritized approach to risk reduction.
There are three fundamental steps—measure, report, and improve—and a feedback loop in the Life Cycle Management (LCM) of the KPIs. All three steps are equally important and should be regularly repeated as part of an IAM continuous improvement strategy.
In this session, Fredy makes the case for the importance of KPIs to an IAM program and provides actionable recommendations for implementing the three-step process for IAM KPI life cycle management.