A survey conducted by KPMG IT Advisory together with Everett Advisory is now available. This is a quality piece of research which provides valuable insights for organisations doing IAM, as well as companies like us who are supporting those initiatives. Congratulaions to John Hermans, Joris ter Hart, Willem Guensberg, Arjan van Vliet of KPMG, and Peter Valkenburg Erik Frambach of Everett for putting the report together. Downoad the report now.
While the report describes the European market, the findings are line-ball with our observations of the Australian customer base; and in summary:
Governance, Risk and Compliance is by far the main driver of IAM
- Governance, Risk and Compliance is even more important than last year’s survey indicated;
- The vast majority of IAM projects are still focused on their organisation’s directemployees;
- Access attestation and certification services are ‘on the map’ and this is possibly at the expense of the implementation of complete IAM solutions.
- This indicates a shift from more preventive controls to a detective approach focused on an organisation’s ‘crown jewels’.
Significant gaps exist between the expected and realised benefits of IAM
- Although gaps between expectation and realisation still remain, over half of the respondents were satisfied with the outcome of their IAM project;
- Organisations face difficulties in measuring the costs, benefits and quality of IAM services and related activities.
- A lack of business buy-in is the main cause of IAM project failure
- IAM projects are still mostly the responsibility of the IT department or the Security Officer;
- 50% of the respondents stated that the business was not ready for the proposed solution;
- 51% of the respondents indicated that there was a lack of support from management and stakeholders.
Enjoy the read!