Identity Access Management (IAM) is a set of business policies, framework and processes which ensures the right person has access to the right asset/resources. Identity Access Management solutions can deliver intangible benefits that are revenue increasing and other tangible benefits that are cost reducing.


Here are 11 Ways To Measure The Effectiveness of your Identity Access Management (IAM) solution:

  • Average number of distinct accounts (credentials) per user:
    Generally an organisation has multiple number of accounts per user. Identity Access Management (IAM) solutions can help organisations to reduce this number close to one using their SSO (Single Sign on) functionality.
  • Number of unused accounts:
    Identity Access Management(IAM) solution can also help in reducing the number of unused/uncorrelated accounts. Uncorrelated accounts are the accounts which don’t have any owners and they come into picture because of promotions, transfers, and termination of workforce. These uncorrelated accounts can create risk for the companies if being hijacked by outsiders.

  • Number of new accounts provisioned:
    Number of new accounts provisioned should be equal to the number of new joinees. If there is a significant difference between these two numbers then it indicates that your IAM solution is not effective to give correct identity data.
  • Number of exceptions per access re-certification cycle:
    Exceptions means when the user is assigned the rights he/she should not be given. High number of exceptions can be because of poor identity data or access process problem (persons requesting re-certification do not have all the information required).
  • Password policy effectiveness:
    To measure the effectiveness of your IAM solution you can check the password reset data for a period say one month. With an effective Identity Access Management (IAM) solution this volume of data should tend to go down. If it does not, then there may be some issues with the password policies and management of your organisation.
  • Average time to provision and de-provision of a user:
    For an effective Identity Access Management (IAM) solution, this metric should come down.Most of the time, if someone is not getting the timely access, then there are backend processes responsible for that. This gives you an indication that you should work on your business processes.
  • Average time to provide an authorization
    For an effective Identity Access Management (IAM) solution, this metric should come down.This metric can provide insight into the efficiency of an organization's approval processes.Knowing the time taken can help to resolve the bottlenecks and help in improving out dated processes.

    ( Read More: Checklist To Assess The Effectiveness Of Your Vulnerability Management Program )

  • Average time to make changes in identity policies:
    For an effective Identity Access Management (IAM) solution, this metric should come down as IAM solutions can aid centralization of policies. So changes are faster compared to traditional ways. Organisation wide changes can be made easily.
  • Violation of separation of duties:
    For an effective Identity Access Management (IAM) solution, this metric should come down.The organization should implement preventive controls to monitor these violations, report them and orchestrate their remediation.
  • Reduced identity management cost
    For an effective Identity Access Management (IAM) solution, this cost of managing the large amount of identity store should come down. An effective IAM solution will provide the capability to expand the organization’s people and IT resources without increasing the IT staff.

More:  Join the community of 3000+ Chief Information Security Officers.  Click here

E-mail me when people leave their comments –

CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)



CISO Breakfast at BlackHat Las Vegas 2024!

  • Description:

    We are thrilled to invite you to the CISO Breakfast at BlackHat 2024. 

    CISOPlatform is a community partner for the event which is co-hosted by Silicon Valley Bank, Stage One, First Rays Venture Partners, Latham & Watkins.


    Event Details: 

    • Date: Thursday, August 8th,…
  • Created by: pritha
  • Tags: blackhat usa, las vegas, ciso breakfast, usa