Few organisations are using their investments in identity,
access, governance, risk and compliance technologies to gain a
competitive advantage, according to research firm Gartner.
Organisations have put strategic use of these tools on hold,
researcher Earl Perkins told an opening session of the Gartner
Identity and Access Management (IAM) Summit 2009 in London this
morning.
Financial services organisations were leading the way in using
these technologies to develop new business opportunities, but they
too have had to refocus their efforts on compliance and efficiency,
he said.
Gartner predicts organisations will take a more strategic
approach from 2012.
"So far IT departments have concentrated on the technical
aspects of IAM, but have failed to capture the business
requirements," said Perkins.
The greater the number of people involved in the IAM planning
and buying process, he said, the better the alignment will be of
IAM with business governance, risk and compliance (GRC) needs.
This in turn will drive organisations to pay greater attention
to processes and help improve process flows around IAM, he
said.
Another trend is that organisations are placing more emphasis on
access policy within IAM to increase the accountability of IT
users, said Perkins.
"GRC management demands effective IAM. Without it, organisations
will find GRC management difficult to do," he said.
Gartner also predicts an increase in the number of IAM and GRC
products from suppliers, but there is likely to be a significant
overlap, said Perkins.
In the planning and purchasing of software tools, organisations
should be aware of the potential overlap to ensure they do not end
up paying more than once for particular capabilities, he said.