Tuesday October 10, 2006
Tuesday October 10, 2006 As we have mentioned before, Identity projects, particularly provisioning, are not your normal IT projects. They will test your skills as a project manager as you have to negotiate the corporate waters of not only IT, but Finance, Complaince, Security, HR, etc. You will have to build consensus with all of these groups you normally don't have to get in close with if you are going to be successful.
So let me relate one place where your project can get put where you may be stuck in a funding death spiral. Watch for it and be prepared to build your case to get out of it.
In many organizations, IdM is first put in place to help with SOX compliance. Good thing at the start; has to get done, major penalties if your company doesn't comply. Budgeting is easy to justify. Get IdM in to solve the compliance issue and we will circle back later to do all the cool, positive ROI stuff like user self service, etc.
The problem with making IdM a compliance project out the door is you have to watch where your budget is coming from. If your project will last a while and into the next budget cycle, you run the risk of having your project classified as a compliance project when it comes time to carve up the upcoming budget dollars.
And you are now at the event horizon for the black hole your project may get sucked into, never to return. By being classified as a compliance project, it will be looked at by senior management as overhead and a non-revenue generating activity. Some of my clients have even had the CTO flip the project over to the Chief Compliance Officer, trying to get this "compliance anchor" off his budget.
And as a compliance activity, management will start to strangle available funds for building on the IdM platform. Even if your CTO suddenly gets the "ah-hah" moment on what an asset the IdM platform is to his organization, it may be too late; he or she no longer handles the purse strings, the compliance officer does. And their goal (being from a financial background for the most part) is to get things done for as little capital expenditure as possible. The project will be installed, monitored for compliance, and funding will dry up.
So be aware of this IdM funding death spiral. Start out as a compliance project, but be sure to keep selling the ROI benefits for non-compliance extensions to the platform. Keep your project in the graces of those you will need in the future to help fund your vision.
And as a final note: want to welcome another Sun IdM blogger: Mike Wyatt. He is the head of our AES team within the software practice. Thats Architecture and Enablement Services - we help figure out how to implement IdM software with our client. His blog will also deal with Identity Management projects, focusing on where they can fail. I am sure you will enjoy his insight and knowledge from years of working these projects at major clients. Mike is one of the jewels among many we acquired when we picked up Waveset. Welcome Mike, happy blogging. Also be sure to check out Mark Dixon and Sara Gates for more IdM related bloggin.
Technorati Tags: idm sun identity compliance
So let me relate one place where your project can get put where you may be stuck in a funding death spiral. Watch for it and be prepared to build your case to get out of it.
In many organizations, IdM is first put in place to help with SOX compliance. Good thing at the start; has to get done, major penalties if your company doesn't comply. Budgeting is easy to justify. Get IdM in to solve the compliance issue and we will circle back later to do all the cool, positive ROI stuff like user self service, etc.
The problem with making IdM a compliance project out the door is you have to watch where your budget is coming from. If your project will last a while and into the next budget cycle, you run the risk of having your project classified as a compliance project when it comes time to carve up the upcoming budget dollars.
And you are now at the event horizon for the black hole your project may get sucked into, never to return. By being classified as a compliance project, it will be looked at by senior management as overhead and a non-revenue generating activity. Some of my clients have even had the CTO flip the project over to the Chief Compliance Officer, trying to get this "compliance anchor" off his budget.
And as a compliance activity, management will start to strangle available funds for building on the IdM platform. Even if your CTO suddenly gets the "ah-hah" moment on what an asset the IdM platform is to his organization, it may be too late; he or she no longer handles the purse strings, the compliance officer does. And their goal (being from a financial background for the most part) is to get things done for as little capital expenditure as possible. The project will be installed, monitored for compliance, and funding will dry up.
So be aware of this IdM funding death spiral. Start out as a compliance project, but be sure to keep selling the ROI benefits for non-compliance extensions to the platform. Keep your project in the graces of those you will need in the future to help fund your vision.
And as a final note: want to welcome another Sun IdM blogger: Mike Wyatt. He is the head of our AES team within the software practice. Thats Architecture and Enablement Services - we help figure out how to implement IdM software with our client. His blog will also deal with Identity Management projects, focusing on where they can fail. I am sure you will enjoy his insight and knowledge from years of working these projects at major clients. Mike is one of the jewels among many we acquired when we picked up Waveset. Welcome Mike, happy blogging. Also be sure to check out Mark Dixon and Sara Gates for more IdM related bloggin.
Technorati Tags: idm sun identity compliance
Comments:
Post a Comment:
Comments are closed for this entry.