identity engagement timeline

Typical duration: 5-18 weeks
Scope impact: # of disciplines included, # of user constituencies, # of integrations

1-4 weeks

collaborative workshops

We start with collaborative workshops and process walk-throughs with your subject matter experts and business stakeholders. We use these sessions to learn about your organization, culture, and business drivers, as well as your current state identity architecture, infrastructure, application portfolio, integrations, and administration.

1-4 weeks


We gather observations and document your current state environment. We also document your business, functional, technical, and non-technical requirements.

1-2 weeks

gap analysis

We document strengths and opportunities for improvement using our assessment method and tools. We help you articulate a desired future state, and use that to conduct gap analyses against good practices collected from hundreds of prior engagements. 

1-4 weeks


We develop risk-informed recommendations to address every identified gap. Recommendations are influenced by your business drivers, culture, talent, risk posture, risk appetite, risk exposure, current technology investments, current projects, and planned budget.

1-4 weeks


Recommendations typically consist of actions and projects. Actions are one time events, such as hiring talent or acquiring technology. Projects can be time-bound or ongoing efforts, and usually entail process re-engineering and technology implementation. We help you develop charters for every project, organize them into initiatives, and prioritize them on a 3-to-5-year roadmap.

Identity Practices                                            

Administration & Governance
• Enterprise Identity
• Consumer Identity
• Privileged Identity
Auditing & Assurance
Credential Management
Permission Management
• Birthrights
• Entitlements
• Privileged Access
Policy Modeling
• Group-based
• Role-based
• Attribute-based
• Policy-based
• Discretionary
Privacy by Design 

Identity Technologies                                   

Access Provisioning & Requests 
Authentication (run-time)
Authorization (run-time)
Cloud Services
Directory Services
Directory Integration
Diretory Synchronization & Virtualization
Identity Data Access & Sharing
Multifactor Authentication
Privileged Access (run-time)
Reduced & Single Sign-on 
Service Management