1. What is the Identity and Access Management Modernization Program?
2. Why are we modernizing the IAM systems and processes?
3. Why are we implementing SailPoint IIQ and what are the benefits to UT Austin?
4. What is Group and Role Management?
5. What is the current timeline?
6. Who will be impacted by IAMMP in Phase 1?
7. Will SailPoint IIQ replace the legacy authorization systems like Apollo, DPUSER, and OHS Contacts?
8. What resources will be available to support the transition to SailPoint IIQ?
The Identity and Access Management Modernization Program (IAMMP) is a set of projects whose goal is to modernize the University of Texas at Austin’s Identity and Access Management systems, business processes, data management and technical architecture.
IAMMP consists of the implementation of SailPoint IdentityIQ (IIQ) to transition and/or retire legacy identity and access management tools as UT Austin’s computing landscape transitions during the Administrative Systems Modernization Program.
SailPoint IIQ is a security platform that allows the right people to access the right resources at the right times and for the right reasons.
The modernization of our current access management processes will reduce security risks while increasing business efficiency and improving user experience. Please visit the Benefits page for a complete list of the benefits being delivered by the IAM Modernization Program.
IAMMP includes the rollout of functionality over three phases through 2019. The project is currently in Phase 1, which is expected to be completed by the end of September 2017. Please visit the Phases and Timeline page for an overview of the implementation timeline and more detail on the remaining phases.
Group and Role Management is an approach to help manage authorizations in an application. It allows an organization to manage application authorizations more efficiently by treating a collection of users who need the same type of application access as a unit. One or more authorizations can be associated to the group or role and users can be assigned to that group or role either by request or automatically based on some attribute they possess (their department, job title, position, etc.). For more information about Group and Role Management functionality, please review the Group and Role Management articles in the SailPoint IIQ service page.
The goal of Phase 1 is to establish the foundation of a new Identity and Access Management infrastructure for campus, including implementation of a modern IAM technical architecture, the SailPoint IIQ application, and Group and Role Management functionality.
For the Phase 1 rollout of Group and Role Management functionality, the IAMMP team has met with various Application Owners across campus to identify applications that will serve as early adopters. For those applications selected as early adopters, the IAMMP team has worked with the respective Application Owners through meetings and workshops to define roles and assignment rules to integrate those applications with SailPoint IIQ.
The IAMMP team has also worked with the Workday team to prepare for the upcoming Workday go live.
We are implementing SailPoint IIQ for numerous reasons including modernizing the identity and access management system and delivering a business-oriented identity governance solution which consists of Group and Role Management functionality.
The key benefits that SailPoint IIQ brings to campus include flexible IAM processes and tools, increased efficiency via streamlined IAM processes, faster onboarding and offboarding, and consistent risk management.
The IAM team has identified use cases for how Apollo, DPUSER, and OHS Contacts are being used across the community and will be creating mappings to identify how and when those use cases can be addressed with SailPoint IIQ and other tools. More information is available on the Legacy Authorization System Roadmap (LASR) Resource site. You can also subscribe to the LASR mailing list to receive updates on the LASR project.
The IAMMP Team will work closely with cross-functional teams to provide ongoing communications, updates, and training.
Details regarding trainings, quick reference guides and other reference materials can be found in the SailPoint IIQ service page.