With the acceleration of digital transformation, businesses must be nimble in their ability to adapt to change. And with the paradigm shift of the last year, a digital strategy must be at the forefront of any organization. Adopting a digital strategy streamlines processes, improves productivity, and ultimately drives greater efficiency.
Digital transformation may include increased adoption and reliance on cloud applications and platforms, opening customer access to applications and data as well as enhanced access for an increasingly remote workforce. From an identity perspective, the traditional perimeter starts disappearing and starts to open up your organization to specific vulnerabilities—which is why managing and governing access to systems, applications and resources is essential to every business.
Identity Security (also known as Identity and Access Management or IAM) needs to be at the forefront of your organization’s cybersecurity strategy. Identity Security safeguards against risk by properly provisioning access, protecting your business at scale and ensuring regulatory compliance.
Transform Identity Security with Powered
At KPMG, we understand the challenges with increased data complexity, lack of process standardization and ineffective governance deployed for identity and access management programs. Our Powered Methodology can help organizations transform the identity function to better enable functional digital transformation and be more effective in delivering improvements in access risk reduction, more effective controls and better compliance outcomes.
Powered Cyber enabled by SailPoint combines the SailPoint Identity Platform with KPMG Powered Enterprise methodology to accelerate the delivery of identity cloud access management programs and services.
Powered Enterprise is an outcome-driven functional transformation solution tailored to the modern Cyber organization that enables businesses to prioritize and deliver IAM capabilities in a way that secures their critical assets. A transformed identity program centers itself around alignment with business objectives and an ability to integrate and be adopted within the organization. This means a predefined set leading practice use cases that establish a baseline set of processes.
According to a 2021 KPMG survey, 69 percent of CEO’s agreed that “strong cybersecurity is critical to engender trust with our key stakeholders.” CEO’s are starting to see cybersecurity as a differentiator—a competitive advantage—a way to build customer trust. However, if they want to engender their customers’ trust, they need to be able to implement and maintain an effective IAM program that restricts access to sensitive data and applications to authorized users.
KPMG Powered Cyber enabled by SailPoint transforms the way organizations approach identity and access management. It’s a functional transformation solution built around SailPoint Identity platform.
At the crux of Powered Cyber enabled by SailPoint is a prebuilt target operating model (TOM) to accelerate the delivery of identity and access management programs and services.
SailPoint Identity Security for the cloud enterprise provides among the largest view of all access across your organization, automatically scaling and protecting with AI enhanced visibility, detection, and remediation—enabling you to dynamically adapt access controls as your organization evolves. The SailPoint Identity Platform allows you to deliver, manage and secure access to every application, system, data and cloud platform across your hybrid environment.
A Target Operating Model Built on our experience
The goal of the KPMG Target Operating Model is to drive a dynamic functional transformation enabled by industry leading technology. The KPMG Target Operating Model is based on a deep understanding of how transformation works within, and across, an enterprise.
The model is made up of six layers which contain several ‘assets’ which are predefined and are designed to support the transformation journey. Each asset can be thought of as a collection of well-established solution accelerators comprised of predefined or prebuilt processes, workflows, definitions, integrations, reports, dashboards and even training programs.
- Functional Processes: Defining the Process Taxonomy, Start with the End in Mind
KPMG Powered Cyber enabled by SailPoint provides organizations with a baseline of 32 identity governance processes based on leading practices that dictate how to implement an effective identity and access management program. These functional processes include onboarding user access to new hires, as well as managing transfers and termination processes (joiner, mover, leaver). They also serve as the foundation for a zero trust approach to cybersecurity and inform the other five layers of the model.
- People, Roles and Responsibilities
Once the organization formalizes their identity approach and process taxonomy, the roles and responsibilities that will support, operate and manage the process must be defined.
Who will ensure the solution is implemented properly and that it’s meeting the needs of the organization? People, roles and responsibilities must be outlined within the model and mapped to specific processes, and those processes must also map to the people. KPMG has a set of predefined roles and responsibilities mapped to identity functions and the processes validated in previous layer. These roles can be modified to meet a client’s specific organization needs, and have been proven to establish clear ownership and accountability necessary for a successful transformation program.
- Service Delivery Model
The service delivery model is an organizational structure that organizes people, roles and responsibilities into various teams, and defines the structure of how those teams operate together. The people flow into the service delivery model—which in turn defines roles and responsibilities. Identity and access management programs are often complex in that they span across multiple executives and stakeholders. This layer defines how the role and responsibilities are effectively aligned across the organization in order to establish an effective program with clear ownership and accountability.
- Technology
The technology layer of the model also aligns to the functional processes with a pre-built configuration of SailPoint Identity Security. The KPMG “gold build” configuration for SailPoint Identity Security maps detailed configuration steps to each of the functional processes and use cases to further accelerate deployment and provide rapid value.
- Performance Insights and Data
Performance insights and data are predefined metrics centered around key performance and risk indicators that measure the success and value of the program. In this particular case, how well is SailPoint meeting its business needs? Are all users who are terminated from the organization deprovisioned within a defined time period outlined in the service level agreement?
Powered Cyber enabled by SailPoint has a set of pre- defined metrics that map to the leading processes. The potential benefit is an effective approach to how an organization reports on the value of the program—how well it’s reducing risk, improving operational efficiency, and how well it’s meeting compliance objectives.
- Governance
The last layer of the operating model is governance. You have defined processes, a team that manages those processes, technology that supports and enforces it, as well as KPIs and risk indicators that measure the success.
The governance layer is concerned with how well the solution is being governed. How can you tie the operating model together and ensure there is effective communication, the policies and controls are defined and mapped properly, compliance is adhered to, executives are receiving proper reporting, and that key stakeholders are being informed properly? Often an implementation is focused on the technical deployment and misses out on how to properly maintain the solution. The governance layer clearly defines how to maintain existing controls while adapt to changing business needs and compliance requirements.
