The most over-looked step in any project or program, and the most critical, is the gathering and documenting of all the requirements. Most companies and consultants working on identity projects and programs today tend to move directly to the design phase and begin assigning architectures, technologies and products that they are comfortable with, typically due to past performance.
Ipsiti advises our customers to spend a significant amount of time documenting the existing and desired business process, data workflow, use cases, timelines, infrastructure, etc. before any design work is even considered. The exercise of documenting all the requirements not only cements these elements internally and with stakeholders, it also enables the subsequent issuing of crystal clear RFI’s/RFP’s with task orders and the building of a vendor compliance matrix to keep the project focused on the goals at hand and to prevent feature-creep that may add unnecessary cost and complexity.
Moreover, in the 21st century, identity programs have very specific role-based and risk-based business rules that demand highly dynamic workflows in order to respond to the ever-increasing mobile and roaming client/user environments and varying level of threats to the system. Ipsiti maintains a holistic view of the customer’s requirements by leveraging various modeling tools to refine the workflows and use cases and completely reflecting the real-world business processes.
Once the requirements have been thoroughly reviewed and documented, the system designs can be white-boarded and built. The typical deliverables include:
- Software Layer/Services Diagram
- Network/System Diagram
- Database Schemas
- Interface Specifications
- Standards Compliance Mandates
- User Interface Specifications
- System Metrics and Reporting Specifications
- System Administration Specifications
Ipsiti is a proponent of services oriented architectures (SOA) and an enterprise service bus (ESB) when building identity related projects and programs. SOA, when designed and implemented correctly, have demonstrated the ability for vendor independence such that vendors can be readily changed-out in the future to take advantage of performance gains, new functionality, new operating platforms, reduced operational and maintenance costs, etc.
Designing and deploying SOA-based projects and programs can be daunting, especially when various system services are exchanging sensitive identity data that must be protected in conjunction with specific laws, policies and mandates that include legal and financial consequences if not followed. Therefore, the security components of the SOA are paramount and must include specific logical and physical access controls tied to each system service role and user role.
Ipsiti can provide some, many or all of the pieces necessary to deliver a project, depending on the particular customers’ needs. Ipsiti has broad and deep experience in planning and executing all phases of identity and security programs, whether they include the development of a product suite for a solution provider or management of a
Once the design elements are in place, Ipsiti can assist your organization in selecting the most appropriate acquisition mechanisms and the development of requests for information (RFI), quote (RFQ) and/or purchase (RFP).
Ipsiti’s experience with the various identity-related vendors will help you best-fit the compliance matrix, detect price inconsistencies and find the most competent and appropriate vendors for your project or program.
By breaking the delivery of the solution into specific task orders related to milestones and reasonable delivery dates, it becomes easier for you to determine how and when to issue acceptance certificates and late fees or bonuses to the various vendors.
Ipsiti technical and programmatic professionals have delivered dozens of very large scale identity programs over the years. Ipsiti program managers will assist you in making sure vendors deliver on-time and on-budget and to predict and detect looming issues before they happen. Ipsiti technical subject matter experts ensure what was specified matches what you are getting.
System integrations can be messy without a clear understanding of data exchange mechanisms and data formatting. This is why Ipsiti builds in a system orchestration and workflow specification in our customer designs that stipulates what data is being exchanged when and how between the various system services internally and external third parties. This takes the guesswork out of the system integration effort.
A key component of solutions designed by Ipsiti is specifying metrics collection capabilities based on requirements gathering that empowers our customers to track statistics and adjust the system as needed to compensate for issues that are discovered. Implementing and testing this metrics collection during the Delivery phase ensures that reporting during the O&M phase is flawless. Many of our customers elect to implement one or more “dashboards” that unifies administrative, metrics and reporting functions from many different systems and subsystems into an easy-to-use, common graphical interface with drill-down and data mining capabilities.
Operations and Maintenance
As Ipsiti has met with various end-customers around the world, we have learned that many identity-related systems are operating in a significantly disabled state, or in some cases are not operational at all. Why? Because the vendors delivered ineffective systems that were not scalable or extensible, lacked critical functions needed by the program or delivered the basic system and then cut-and-run to the next opportunity knowing their customer was unable to properly support and maintain the system.
Ipsiti encourages our customers to take advantage of our ability to build a program roadmap that includes an internal support and training plan (turn-over in staff is a major contributor to poor system performance and forgotten capability in identity–related programs). This roadmap will also determine the extent that vendors are relied upon during the O&M phase.
Another very helpful component of O&M is a help desk. The help desk, even if it is only one person, provides a systematic, script-driven approach to handing support issues both internally and from stakeholders and customers using the system. Ipsiti helps our customers to design help desks that leverage process-of-elimination techniques without introducing unnecessary or unrelated steps that frustrate the caller/mailer. A good help desk process can drastically change the perspective of success of any identity-related project or program.