BT Identity and Access Management Quick Start Service

Similar documents
Mobile Telecom Expense Management

BT Unified Communications and Collaboration Quick Start Service

BT Personalised Compute Management System. July 2017

BT Flexible Working Services. Making Flexible Working a Reality

BT Digital Screen Media. BT Media and Broadcast

Helping support and transform BT s local government customers

ISACA All Rights Reserved.

Identity & Access Management Unlocking the Business Value

Developing a successful governance strategy. By Muhammad Iqbal Hanafri, S.Pi., M.Kom. IT GOVERNANCE STMIK BINA SARANA GLOBAL

Familiar challenge, innovative solutions

Unlocking business value from effective operational risk management

Core Skills: Contributing Skills: Role Title: Senior Project Manager EXAMPLE. Reference: SFIA level 5

The Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector

BT Strategic Sourcing. Accelerating your business performance

Using assessment & benchmarking techniques as a strategic approach to drive Continual Service Improvement

BT Advise Compute Quick Start

Selftestengine COBIT5 36q

A holistic approach to insurance automation

BOARD OF DIRECTORS PAPER COVER SHEET. Meeting Date: 27 January 2010

A Guide to Business Continuity

Technology evolution. Managing the risk in four key areas

Creating a Lean Business System Prof. Peter Hines. Creating a Lean Business System Professor Peter Hines

Food Standards Agency/Food Standards Scotland Board Meeting 17 October 2018 FSA 18/10/01. A Review of Cutting Plants and Cold Stores Recommendations

Acquiring Digital Services for Defence using the Government Service Design Manual

JOB DESCRIPTION AND PERSON SPECIFICATION THE LONDON SCHOOL OF HYGIENE & TROPICAL MEDICINE

Information and Communication Technologies Strategic Plan 2016/ /20

JOB DESCRIPTION. Error! Unknown document property name. Version No: Digital Security Architect 1.1. Architecture and Solution Design Team Leader

Project Execution Approach

The Five Stages of a Successful Agile Transformation

Application for Accreditation of Prior Learning

Risk Management Update ISO Overview and Implications for Managers

Presentation. Jane Varnus Navdeep Panaich 20 th July, 2009

Braindumps COBIT5 50q

The Quality Profession Driving Organisational Excellence

How to assess the maturity of Identity Management

Good Practice Guide. Training And Development. Investing Time and Resources to Improve the Effectiveness of Your Staff. No.6

Achieving Organisational Goals. Accomplishing Strategic Initiatives. Implementation of Organisational Objectives. Stakeholder Management

Quality Management Policy. University-wide Specific. Staff Only Students Only Staff and Students. Vice-Chancellor

BT Unified Trading collaboration. The Future Delivered

JOB DESCRIPTION. Service Line Manager for [one of Education/Research/Business/Infrastructure] Job Family/Level: Professional Services, level 6

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

Information Systems Strategy

What is the Australian Tourism Accreditation Program?

Improving the Test Process with TMMi

International Civil Aviation Organization FIRST INFORMATION MANAGEMENT PANEL (IMP/1) Montreal, Canada January, 25 30, 2015

Building an Insight Driven Organisation March 2017

Knowledge Management

RESULTS. SAMPLE OF AN ACTUAL REPORT (PART II) Name of site left off. CERTIFIED: No Yes

Hosted Contact Centre (HCC)

Portfolio, Programme and Project Management (P3M3) Maturity Questionnaire

Higher Education Procurement Association. Procurement Benefits Reporting Guidance 2016/17 Onwards

How I Learned to Stop Worrying and Love Benchmarking Functional Verification!

Data Governance Implementation

Sustainability: BT s Carbon Impact Assessment. Real world solutions from a world class practitioner

Identity and Access Management. Program Primer

COBIT 5. COBIT 5 Online Collaborative Environment

Sustainability BT s Carbon Impact Assessment. Real world solutions from a world class practitioner

An Industry Code of Conduct Maritime Autonomous Systems (Surface) MAS(S)

Service Transformation in the Public Sector

A PRACTICAL GUIDE TO: S.M.A.R.T.E.R. SUPPLIER MANAGEMENT. [ T y p e t h e c o m p a n y a d d r e s s ]

Introduction to Business

GRIP for Programmes Release 1 (DRAFT) April Network Rail GRIP for Programmes Page 1 of 104

INTEGRATED RISK BUSINESS CONTINUITY CYBER-SECURITY THE RESILIENCE FACTORS THAT DRIVE YOUR REPUTATION

ASDAN Key Skills in Problem Solving. Level 1 Specification

MODEL-DRIVEN MANUFACTURING EXECUTION SYSTEM BROCHURE

White Paper Realising benefits: How to plan for success

World Class EA. Global Trends: Multinational architecture deployments

Report of the Chief Executive to the meeting of the Executive to be held on 12 September 2017.

Progress in Implementing EU Exit

National Commissioning Board. Leading Integrated and Collaborative Commissioning A Practice Guide

6. IT Governance 2006

Structured process improvements in facilities management organisations: Best practice case studies in the retail sector

Job Description. Technology Operations Manager GRADE: 5 Operations Future Media & Technology Head of Future Media & Technology

Howto Approach Identity Management?

A Vision of an ISO Compliant Company by Bruce Hawkins, MRG, Inc.

Tech deficit. June 2014

Summary of 47 project management processes (PMBOK Guide, 5 th edition, 2013)

L3 Certificate in Leadership and Management Candidate Pack

Abstract. Glue Reply works with Sainsbury s to achieve the Holy Grail in Business Driven IT. Scenario. The project

Benchmarking Functional Verification by Mike Bartley and Mike Benjamin, Test and Verification Solutions

ISO 9001: Moving from requirement to

CRM System Tester. Location London Department Supporter and Community Partnerships. CRM Project Manager Salary Band C

Discussion Paper on the Validation of Pharmacovigilance Software provided via SaaS

Foundation Certificate in IT Enabled Business Change Syllabus. Version 2.0

HOW CAN YOU ENSURE SUCCESSFUL BUSINESS TRANSFORMATION? By Suzanne Costella

Key Elements of a BI/DW Strategy. Michael Gibson Data Warehouse Manager Deakin University

IDENTIFY HOW THE OUTCOMES CAN BE DELIVERED SUSTAINABLY STAGE 3. Sport England: Guide to Research

COBIT 5. COBIT 5 Online Collaborative Environment

L3 Award in Leadership and Management Candidate and Assessment Pack

University of St Andrews Financial Operating Procedure Management of Business Transformation Initiatives

Job Description Chief Operating Officer

Changes Reviewed by Date. JO Technology Manager - Samer Huwwari JO Manager, Risk & Control Technology: Issa Laty. CIO, Jordan- Mohammad Aburoub

Assistant Regional Asset Manager EU, Wider Europe and Americas. Department/Country Global Estates. Duration of job

Project Management Framework with reference to PMBOK (PMI) July 01, 2009

Senior Manager. Develop and design effective enterprise solutions that meet the business requirements while ensuring alignment to the IT strategy.

Quality Assurance and Improvement Program

Extending Access Control to the Cloud

Introduction. Your Software: Faster. Stronger. Better.

Technology, Systems & Delivery


Transcription:

BT Identity and Access Management Quick Start Service The BT Identity and Access Management Quick Start Service enables organisations to rapidly assess their Identity and Access Management (IAM) implementation s effectiveness, prioritise and structure potential improvement areas and review associated costs and business benefits. By using a unique IAM Capability Maturity Modelling approach, organisations can benchmark themselves against current industry averages, best practices and required target status. This approach provides a structure for progressing with future identity and access management initiatives in a holistic manner that helps reduce organisational risk.

About the BT Identity and Access Management Quick Start Service The importance of Identity and Access Management Identity is a core management principle for all organisations, enabling users to meaningfully and securely connect to, and use, resources. Existing boundaries where individuals and resources physically reside are disappearing. We are seeing the development of a new IT infrastructure and communications era, with identity at its very core. IAM is a combination of people, policy, process and technology, enabling the effective creation, management and exploitation of identity information. Organisations have increasing demands for effective IAM, not only to support architectural changes sweeping their wider environments, but because of new legislation and to satisfy ever-growing public awareness of online security threats. Requirements are being placed on an organisation s IAM infrastructure from initiatives to improve employee, customer, citizen and partner relations; strengthen security; increase organisational agility; and reduce IT costs. For these reasons, many organisations are placing IAM initiatives towards the top of their priorities for IT investment over the next few years. l 2007 online retail sales hit $175bn, a 21% increase on 2006. The forecast for 2008 is $204bn, a 17% growth Forrester 2008 l 80% of European internet users bought a product or service online, double the 2004 figure EIAA Online Shoppers 2008 l Over 41 million employees globally will use teleworking for at least 1 day a week during 2008 Gartner 2005 Improving Identity and Access Management Recently there has been an increase in the awareness of IAM s importance. Although standards and best practises now exist, these are numerous and spread over many areas. This, and the continuing pace of IAM product development in the marketplace can easily lead to inefficient implementations. The BT IAM Quick Start service is a unique method for rapidly assessing the state of your organisation s IAM maturity level. Rather than performing a general IAM review, or focusing on compliance gaps and weaknesses, the BT IAM Quick Start service identifies and documents opportunities for improvement. Your performance is then benchmarked against other organisations and best practices. The IAM Capability Maturity Model Level 5: Optimised Level 4: Managed and measurable Level 3: Defined Level 2: Repeatable Level 1: Initial/ad hoc The BT IAM Quick Start service utilises a structured approach that reviews your IAM implementation across more than 200 capability areas, so you can: l Understand the risks involved in your current IAM implementation. l Provide a high-level overview of your IAM implementation s strengths and weaknesses to prioritise areas for improvement. l Compare your IAM implementation against recognised standards and best practices including IAM elements e.g. ISO27001, ISO27002, CobiT, ISF Standard of Good Practice, PCI DSS. l If your IAM is part of a drive for certification to ISO 27001 we can offer consultancy in Information Security Management Systems which can be certified to ISO27001. BT has over 25 certificates to that standard worldwide and provides consultancy in this and several other ISO standards. l Benchmark your IAM implementation against set industry averages. l Measure the improvement of your IAM implementation over time. IAM effectiveness rises Level 0: Non-existent Risk increases

The process Status checklist Begin your Quick Start service by completing a simple checklist regarding your current IAM status. This checklist enables you and your BT Account Manager to discuss, at a high level, where your issues may lie. From there, we can establish the most appropriate starting point for the remainder of the Quick Start service. The checklist does not require technical input and should be completed by a senior member of staff who is aware of your current IAM status. Level one: Quick Start Workshop We offer a short and focused engagement which gives your organisation a taster of BT s IAM Service. It culminates in a workshop with senior stakeholders which helps us to understand your current working environment and identify key priorities and challenges. It also provides you with the opportunity to discuss your concerns with experienced BT IAM consultants. There are two levels of Quick Start available. Although both are based on the same BT IAM Maturity Model and review IAM effectiveness in your organisation, they differ in the level of detail covered and the purpose of the engagement. The most appropriate level should be decided following a review of your requirements and the checklist with your BT Account Manager. Depending on the option you choose, the engagement will last approximately 2-3 days or 2-3 weeks. Step 1 Step 2 Activities l Questionnaire to understand your business drivers l High-level IAM Maturity Rating across 30 different capability areas determined l If relevant, an IAM cost/benefit questionnaire is also submitted l Data gathering and scoping with service heads and functional managers l Information analysed in preparation for workshop Outcomes l IAM Maturity Rating l Understanding of key drivers and issues l Analysis of information gathered Step 3 l Workshop attended by senior members of staff to review the priority areas identified l Further exploration of key issues identified l Opportunities and approaches to improve IAM maturity discussed Key Deliverables: l Common understanding of IAM benefits l IAM Maturity Rating l Assessment of strategic objectives l Identification of priorities

The process Level two: Quick Start Assessment An IAM Quick Start assessment typically takes place over a 2-3 week period. This helps to establish a much greater understanding of the IAM maturity of your organisation and highlights opportunities to improve your IAM effectiveness. Step 1: Planning Activities l Conference call/meeting held to agree the basic engagement structure, stakeholders required and meeting schedule. Outcomes l Scope of engagement agreed Step 2: Initial Situation Analysis l Analysis of organisation s IAM implementation and known issues and requirements through meetings and reviews. l Assessment of organisation s IAM issues and requirements Step 3: Conduct Assessment l Series of workshops focused around each of the IAM Maturity domains. l An initial assessment of the desired state, based on organisational requirements. l IAM Maturity Rating l Appraisal of desired state l Impact analysis l Initial recommendations l Initial recommendations developed. Step 4: Establish Recommendations l Final workshop to complete the assessment. l Assessment completed and reviewed l Findings delivered and conclusions drawn Step 5: Present findings l Summary findings and recommendations for improvement issued. l Final report l Executive presentation Key Deliverables: l Common understanding of IAM benefits l IAM Maturity Rating l Assessment of strategic objectives l Identification of priorities

The outcome Identity and Access Management within any organisation is dependent upon the: l People, policies and processes involved in running the IAM implementation. l Technologies (e.g. the systems and applications) comprising the extended IAM architecture. l Identity information running through the corporate infrastructure. The BT IAM Maturity Model is built around these dimensions. If any of these dimensions is weak, the overall IAM implementation will suffer. The BT IAM Maturity Model is then further broken down into the following IAM domains: l IAM Strategic Environment a higher level collection of policies and processes, essential for the effective inter-working of specific areas. l Identity Storage the centralised set of services that can be called on by other parts of the IAM infrastructure and applications to provide accurate and complete identity information (e.g. Enterprise Directory service). l Identity Data Integration the systems and processes that distribute and integrate identity data around an organisation. l User Provisioning all aspects of user registration/de-registration and assigning removing privileges and resources. l Identity and Role Administration the administration of core user identity data, including roles through Self Service and Delegated Administration Applications. l Credentials Management all aspects of managing user credentials (e.g. passwords, tokens) for authentication purposes. l Authentication the collection of technologies and processes used to determine a user is who they claim to be. l Authorisation establishing whether a user is authorised to access a specific resource. l Audit reviewing and ensuring all operations involving identity are properly and securely undertaken, according to organisational policy and external legislation. l Extended Enterprise working with business partners and internal separate organisations in an extended enterprise e.g. through federation. l Application Exploitation how effectively the business applications and other services are exploiting the IAM infrastructure. As part of a Quick Start assessment, an IAM Maturity Rating is established for each of the IAM domains and dimensions. Similarly, an indicator assessment is established during a Quick Start workshop. An organisation can then compare the effectiveness of its IAM implementation against where it wants to be, industry averages and external standards. Having progressed through the Quick Start service, you will be in a position to better understand the risks involved in your IAM strategy and current implementation. You will also be able to more clearly identify and prioritise areas of improvement and the benefits they would achieve.from this, a business case can be built for presentation to key stakeholders and budget holders to secure further investment for specific IAM initiatives. And finally, it will give you the framework on which to base a holistic IAM programme aligned with organisational priorities, against which improvement can be measured over time. Example of IAM maturity model overall ratings IAM Strategic Environment 5.0 Organisation X s Assessed Rating Applications Exploitation 4.0 Identity Storage Average initial assessment of BT customers 3.0 Organisation X s Target rating Extended Enterprise 2.0 Identity Data Integration 1.0 0 Audit User Provisioning Authorisation Identity and Role Administration Authentication Credentials Management Industry best practise is a maturity level of 5

Status checklist The following questions are designed to indicate the most effective starting point for a BT IAM Quick Start engagement with your organisation. Please answer Yes, Partially and No. The relevant box should be ticked and you can then total your answers in the summary section to give an indication of current status. 1. Organisational awareness and commitment Is there a formal owner of IAM within your organisation? Is there recognition across Senior Management and wider stakeholders of the need for and value of IAM? Is there awareness across Senior Management of the impact of any current IAM issues and the need to resolve these issues? Is there an IAM strategy and IAM policies that are well-defined and followed across the organisation? 2. Current IAM effectiveness Are you measuring your IAM effectiveness against industry standards and best practices? Are regulatory and internal compliance requirements from Group Risk or Group Audit being fully met? Are your vital information assets being adequately secured? Are users being efficiently and effectively provisioned and deprovisioned according to organisational needs? Are users able to simply access applications that are personalised for their needs? Are IT helpdesks working efficiently, for example with a small number of passwordrelated calls? Are you working effectively with third parties, exploiting the new digital networked economy? Is your internal IAM infrastructure enabling new applications to be developed rapidly to meet new business opportunities? 3. Current and planned IAM initiatives Are business and functional requirements that drive IAM initiatives well understood and are these requirements being established and managed? Is there a signed-onto business case for IAM, agreed across the organisation? Are IAM initiatives being formally prioritised and co-ordinated, to achieve the greatest immediate and long-term business benefits? Is there a clear roadmap agreed across the organisation for improving and exploiting IAM, with measurable milestones in place? Is there an established IAM programme across the organisation, with appropriate governance and being measured for success, or are you trying to establish such a programme? 4. Summary 1. Organisational awareness and commitment 2. Current IAM effectiveness 3. Current and planned IAM initiatives

Why BT? BT s IAM Quick Start service is one of the leading comprehensive IAM effectiveness benchmarks available in the market today. The process reflects BT s unique experience, built up over many years with major private and public sector organisations such as AXA Insurance and the UK MoD. The established method and tools enable rapid assessment in very short timescales, minimising the impact on employees, partners, customers and citizens. This experience is augmented by one of the industry s largest partner programmes (more than 90 partners globally) and by acting as a leading player in global IAM research (e.g. having led the European Commission GUIDE project). BT s own best practices and investment in this intellectual property have provided internal savings of more than 88m per year within BT. Our customers have also saved up to an estimated 12m per year, as the direct result of our efforts. The BT IAM Quick Start service provides you with the framework on which to base a holistic IAM programme aligned with your organisational priorities, against which improvement can be measured over time. Further to this, BT can offer you a repeat IAM assessment that takes place over an accelerated 2-3 day period. This is usually done several months after the original IAM Quick Start to establish what progress has been made. This is particularly key for organisations where improved identity processes and systems have yet to be deployed, as the repeat assessment can show that IAM maturity levels may have actually worsened, together with the corresponding risks and efficiency levels. BT has delivered IAM Quick Starts to a growing number of organisations across the globe, establishing industry data for many major public and private sector enterprises. This means that we are able to offer you a unique insight into both the use of identity within organisations today, as well as into the importance of identity in the future.

About the BT Quick Start Series BT s Quick Starts are concise, service-led engagements focused on key services and technologies that are of critical importance to organisations within the digital networked economy. These services and technologies combine to form a wider infrastructure model, each representing significant advances and long-term efficiencies for the organisations deploying them. BT Quick Starts can be used as an integral part of an organisation s development roadmap. BT Quick Starts enable organisations to assess, test, plan and establish the validity of each service or technology in manageable parts. Each Quick Start is formed using defined stages with clear outcomes and will provide the necessary information not only for the technical aspects of deployment, but also for the commercial justification of infrastructure or network changes. What next? We can take you through the benefits and implications that would directly affect your organisation. In addition, we can help you build tangible examples that add value to the key stakeholders in your organisation. Contact your BT Account Manager to arrange a meeting and discuss how the BT IAM Quick Start can help your organisation. Offices worldwide The telecommunications services described in this publication are subject to availability and may be modified from time to time. Services and equipment are provided subject to British Telecommunications plc s respective standard conditions of contract. Nothing in this publication forms any part of any contract. British Telecommunications plc 2008 Registered office: 81 Newgate Street, London EC1A 7AJ Registered in England No. 1800000 Designed by Loewy: London PHME 52785

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback