The key message that I wanted to bring back to South Africa and in particular, my customers, was how we measure up in comparison to the global landscape. Last week, my team and I pushed the final release of a three-year IAM program into production for one of my favourite customers, WesBank. Having noted the challenges experienced, the issues encountered and the progress achieved by other international organisations across industries, I am happy to report that what my team have delivered for WesBank is world class and I would even go so far as to promote WesBank as leaders.
WesBank have managed to get all the basics right, grabbing users as close to their source and managing them throughout their entire lifecycle. Profiles are self-managed and accounts are provisioned based on business rules applied to a combination of attributes and roles (after the relevant approvals, of course). Segregation of duties checks ensure that users never get more access than they should across the key financial systems and quarterly attestations ensure that access is never allowed beyond when it is needed. Privileged accounts are checked in and out as needed with sensitive operations recorded and tracked - all on a geographically distributed platform that has achieved a true 99.99% availability SLA.
Our ISO is thrilled but what gets us both excited the most is the service that we can offer back to the business units. Unlike the overseas companies who are still discussing provisioning, our conversations with the business are about enabling predictive analytics, robots, hybrid cloud and mobile.
WesBank is truly a world class leader.
Reflecting back over the three years, I wanted to end my proud boast over what we have achieved with four reasons why I think WesBank have succeeded where others have not. Perhaps you are thinking about starting your IAM journey or are currently struggling through one, this might be useful:
- (Top Reason) Executive Support - WesBank was one of the few organisations where I could walk into (both) the CIOs office and ask for help. In fact, every Executive in the Bank knew what IAM was, when it was being delivered and what value it added to the organisation. The support was invaluable and I am very grateful.
- Trust your Vendor - I've done work for some organisations who won't even let you talk to the Programme Director, never mind attend Steercos or pick the brain of an Executive. WesBank brought us in as experts and advisors and with that trust came great responsibility. We both played open cards and went on the journey together.
- Expert Programme Management - This isn't somebody who runs morning stand-ups and tracks progress on a Microsoft Project Plan. Our PM ran defence when he thought we were being treated unfairly, told us off when he thought we were in the wrong, broke down barriers and brokered a favour or two. IAM programs are long and political and you need someone who's only interest is in doing the right thing for the customer.
- Invest in Analysis and Process Re-engineering - 70% of our deliverables on the project were document deliverables and we managed to get every single one of them printed and signed with a handwritten signature by the relevant stakeholders. By investing the time in understanding the processes, data and architecture, we were able to deliver something the business wanted and by getting them to physically sign the documents, we delivered something that the business had actually read about and understood.