Mastering Identity Management: Is HR Creating a Hostile Work Environment?

March 18, 2020
HR Rebellion

HR Rebellion

Identity and Access Management (IAM) is a unique IT solution because of its far-reaching scope. IAM touches everyone and everything in an organization.  Its reach extends from HR processes to the physical and system access of each individual. Once IAM goes live, the entire employee lifecycle is driven by the HR team and how they administer HRIS - the most critical system of record in the organization. Using IAM, routine administrative processes are executed automatically: user identities are created and synchronized to connected systems, personal computers are ordered, and security badges are requested - all without human intervention.

So, what happens if your HR team isn’t willing to engage in the solution? If you are not careful, you may become a poster child for a stakeholder rebellion. 

[feature_box style="10" only_advanced="There%20are%20no%20title%20options%20for%20the%20choosen%20style" alignment="center"]

Before you continue reading, how about following us on LinkedIn?

lang: en_US



Resistance originates when individuals who are not “insiders” in organizations are presented with requirements and demands that are outside their interests. Reluctance to change results from the lack of voice given to stakeholder groups in organizational decisions. Without early engagement, a shared stake in the outcome, and an equal share of influence, your needed stakeholders will be at best indifferent, at worst rebellious.  

Applied to IAM programs, this describes accountability across the organization on a large scale across HR and IT. This relationship implies that the HR team has some oversight from the business and assumes the responsibility of taking more ownership of how their data and processes impact the user experience and the business. Ultimately, there is a requirement to respond to stakeholders’ needs by revising practices, maturing HR processes, and enhancing performance as necessary.

When there is a lack of ownership and too much autonomy, it easily leads to a disregard for actively seeking stakeholder input. As HR starts making changes that impact IAM integrations without coordinating with IT, it degrades service levels, decreases end-user productivity, creates an increased risk of audit findings, and can undermine the organization’s security posture. While these may be unintended outcomes, they reveal a distressing lack of concern for the impact on the business as a whole.

Given generally weak business supervision, IAM programs that aspire to improve their organizations must shoulder greater responsibility. It behooves all organizations to have a shared sense of obligation toward solving these business problems, which begins with an Executive Sponsor and is fostered by a Solution Owner. Ideally, the Solution Owner has authority over both the IT and HR teams to focus both groups on the desired outcomes and best practices to drive results. When HR teams act unilaterally without regard to the impact they have on the broader business,  then we have a significant problem. The question to ask yourself is, “Do I see a sense of obligation in my organization’s actions across business functions?”

6 Lessons Learned to Prevent HR Rebellion

  1. Make sure you have a strong Executive Sponsor for your IAM solution
  2. Appoint a senior leader to own the User Lifecycle with authority over both HR and IAM
  3. Find the wins for your HR team (e.g. power to drive employee satisfaction, improved service, etc.)
  4. Never assume the HR systems and processes are aligned to the defined use cases
  5. Implementation is hard, maturing the solution is relatively easy
  6. Performance matters to the business and your users

One of the most effective ways to prevent HR rebellion is by engaging stakeholders in the planning and requirements phase. Developing an IAM Roadmap will drive strategic alignment and enhance the relationship between IT and business leaders. The process of building an IAM Roadmap opens the lines of communication, establishes business priorities, and creates a shared understanding of the value delivered. While the technical ins and outs are well understood by IT departments, there is often a gap communicating the promise of IAM to business stakeholders in terms that are compelling. If you want to learn how to secure funding and win executive buy-in for your IAM project, tune in to How To Secure Funding for your Identity Management Program.


secure funding for your identity management program


Follow @Idenhaus on Twitter and subscribe to our Identity Management biweekly and/or our healthcare IT biweekly newsletter.


Idenhaus is honored to be featured in the Top 10 Identity Governance and Administration Consulting/Service Companies of 2019.

By going to work quickly to solve the most challenging cybersecurity and identity management problems, Idenhaus takes the pain out of securing corporate information and assets for companies that aspire to maximize their potential in this digital age. Click here to contact us

More News