IAM Modernization Program Overview
8/31/2017 - The IAMMP Phase 1 Project is nearing completion. The project team is working to complete final testing activities internally and with Early Adopters. Preparations for Go Live at the end of September 2017 are underway. Campus outreach and engagement are planned to increase adoption of group and role management functionality available with the implementation of SailPoint. A reassessment of priorities for Phases 2 and 3 has begun to plan and communicate the next implementation milestones.
The Identity and Access Management Modernization Program (IAMMP) will guide a set of projects whose goal is to modernize the University's Identity and Access Management systems, business processes, data management, and technical architecture, as envisioned in the IAM Roadmap. IAMMP includes the implementation of new IAM tools, the transition and/or retirement of legacy IAM tools, and the bridging and integration work required to maintain IAM services as the campus computing landscape transitions during the Administrative Systems Modernization Program. IAMMP will help ensure that the individual projects related to IAM modernization are aligned technically with the new IAM technical architecture and integration strategy, that resources are allocated efficiently across projects, and that cross-project issues are identified and resolved effectively.
The goals of the IAM Modernization Program include:
- Implementation of SailPoint IdentityIQ and the new and enhanced IAM services in scope for the program;
- Transition and/or retirement of legacy IAM services in scope for the program; and
- Implementation of required integrations and bridges with source and consuming systems as those systems change as part of ASMP.
To achieve these goals, IAMMP will identify, plan, resource, and monitor a set of projects. IAMMP will provide a common oversight and management structure for these projects. Each project in the program will be integrated into the overall program schedule to ensure it is aligned with program priorities and resource availability.
The project scope includes:
- Identity administration and provisioning;
- Password and credential management;
- Access request and approval management, including access recertification;
- Group and role management, including role-based access management;
- Enterprise authorization reporting (via an authorization repository that collects authorization information from all University systems); and
- Risk-based security controls and assurance level management.
IAMMP will also include the transition and retirement of many legacy IAM systems. IAM systems that are in scope of for transition or retirement include:
- TIM (uTexas Identity Manager)
- TOM (TED on the Mainframe)
- OHS Contacts System
- SSN Reference Framework
In addition, IAMMP will include projects to integrate the as-is and to-be IAM environments with both source systems and consuming systems across campus, including those changing as part of ASMP.