ASSESS YOUR IAM MATURITY

Assess your IAM maturity

Maturity models are one of the widespread areas in the field of
improving organizational performance. They help large
organizations to identify organizational strengths &
weaknesses as well as providing benchmarking information.
In IAM, there is no standard related to the maturity model. The
one we suggest above is inspired from the model used by
KuppingerCole analysts and the US Army for its IAM reference
architecture document (unclassified).
It is important for organizations to be able to assess their
situation by a comprehensive and useful model.
For further details and a complete assessment, please contact
Memority teams

03/06/2016

Memority

Assess your IAM maturity

Target

Continuous improvement

and integration of processes

with other processes, optimized policies, guidelines, and
organization.

Level 5:
Optimizing Advanced analytics and forensics, integration with
Realtime Security Intelligence.
Hybrid Cloud IAM/IAG.

Continuous improvement and enhancement of

authentication for additional use cases and technologies.
Flexible implementation of various user journeys.
Dynamic, integrated with Realtime Security Intelligence.
Rule-based policy compliance.
Additional Technologies involved: full integration of
Cloud IAM into a hybrid model, Integration with security
analytics

Assess your IAM maturity

Target

Increasing integration and business-focus, especially

around access request and recertification.
Level 3:
Business- and
Audit-focused /
Secure and
Flexible

Support for Extended Enterprise by simple and

controlled onboarding of external users.
Better support for fast and efficient fulfillment of audit
requirements.
Full support for Joiner/Mover/Leaver.
Flexible exchange of multiple authentication factors, at
minimum 2-Factor
Authentication, and mechanisms and support for stepup authentication and other advanced forms of
authentication, independent of the consuming
applications.
Continuous monitoring.
Additional Technologies involved : Access Governance,
Identity Federation, Privilege, Management, multifactors authentication.

Target

Assess your IAM maturity

Level 2:
Administrative /
Defined

Defined, partially automated processes and point

solutions to solve the major technical problems.
Limited or no integration. Infrastructure focus on
technical solutions.
Basic support for Joiner/Mover/Leaver.
Strong authentication technologies for sufficient level
of security, plus support for remote users of different
types.
Technologies involved: Directory Services, Identity
Provisioning, Web Access Management, Strong
Authentication Technologies.

Target

Assess your IAM maturity

Manual, per system management of identities and
their entitlements.
Level 1:
Initial

No clean-up processes and no central view on given

entitlements, their accuracy, an no or little concept of
movers and leavers.
Manual, per system concept for authentication,
frequently not strong and not sufficiently secure.