This project will wrap a formal Project Management process around a request from Information Security to assist them and PWC in engaging with all the relevant stakeholders throughout the UoE to deliver a new IDAM roadmap (details below). The anticipation is that this will be delivered alongside additional benefits of having a PM involved - oversight, enquiries, questions etc.

Summary:-

The Identity and Access Management (IDAM) Strategy project will support PWC (Price Waterhouse Coopers) in documenting the current state, review against other higher education users, perform a gap analysis and maturity assessment, concluding in defining a target state for IDAM and constructing a roadmap to get there. 

The core aim links into the Information Security strategy which was signed off in early January 2019.

PWC Key Engagement Objectives:-

1. A maturity assessment of the current approach to the user identity, authorisation and authentication management lifecycle within the University that covers relevant aspects of people, process and technology.

2. An Identity and Access Management Strategy that defines an optimal target state, detailing people, process and technology requirements. The strategy should include details of typical ‘user

journeys’.

3. Evidence that deployment of the Strategy will deliver demonstrable benefit to the University through increased efficiency in user identity management, reduced information security risks etc that can be used in support of any required business case.

4. An indicative roadmap and recommended deployment approach that will deliver sustainable improvements.

5. Indicative costs for toolsets and associated licenses should any new technologies be required.

Other Considerations/Points confirmed by UoE:-

Business engagement interviews should be performed across a wide selection of stakeholders including IT, Applications, Service Owners, College and Support Group representatives, Student Systems, HR, the IdAM User Group, Development and Alumni, and other interested parties.

Specific user journeys (JML) to be included and which will be considered along with other common JML based use cases. We will look at key capabilities based on our market knowledge including:

1. High volume of student joiners during registration and how to handle applicants, both pre and post joining. How to provide students with zero-day provisioning, so they have appropriate access available on day 1.

2. Users who join with elevated privileges, move role, then leave and possibly become Alumni. Look at Role Based Access Control and automation of the leavers and movers processes so that only appropriate access is retained regardless of user type.

Demonstrate that an IdAM strategy will deliver the following key goals:

1. Increased efficiency in user identity management.

2. Reduction of security risk.

 

There are four phases planned:-

  1. Understand the as-is environment, establish the current state, target state and gap assessment
  2. Define the strategy, architecture and operating model to define, deliver and run the capability

  3. Establish the roadmap and KPI metrics to transition to the target state and measure success

  4. Support you establishing a business plan to progress roadmap activities

Current project status

Report Date RAG Budget Effort Completed Effort to complete
November 2019 GREEN 40.0 days 44.0 days 1.5

Project Info

Project
Identity and Access Management (IDAM) Strategy
Code
ISG016
Programme
ISG Portfolio Projects (OTHISG)
Management Office
ISG PMO
Project Manager
Adam Wadee
Project Sponsor
Alistair Fenemore
Current Stage
Close
Status
Closed
Project Classification
Grow
Start Date
21-Jan-2019
Planning Date
09-Feb-2019
Delivery Date
30-Aug-2019
Close Date
20-Dec-2019
Programme Priority
1
Overall Priority
Normal
Category
Discretionary

Project Dashboard

Project journal

No entries found.

Change dashboard

Nothing to report.