Sequencing the IMA Effort

We've spent a great deal of time talking about the individual components of the IMA, but you may be wondering about sequencing the various steps. Figure 20-2 shows the phases in building an IMA and when each of the components comes into play. I've divided the effort into three primary phases: the initiation phase, the building phase, and the implementation phase.

Phases in building an IMA

Figure 20-2. Phases in building an IMA


The initiation phase is when the vision for the IMA is created and the governance process is put into place. Business principles are determined at the end of this phase. The initiation phase may take a great deal of time, depending on how hard it is to create the vision for identity management in your organization.

The building phase is when most of the work gets done. The business function matrix and process inventory are created first. They overlap because as business functions are determined, some process inventory work can be started. For a large organization, this overlap might be significant. A small organization will find that the function matrix must be completed entirely before the process inventory can begin.

As the process inventory is completed and the gap analysis begins, the data inventory can be done in parallel. Remember that these two activities are complementary and may require some iteration. With the process inventory complete, the first draft of the interoperability framework (IF) can be written. This in turn allows policies to be written. Notice that drafting and reviewing policies overlap, because there are a number of them and the review of one policy can be done while another is in the drafting stage. The diagram does not show the iterative nature of the review and drafting activities.

During the final part of the building phase, the reference architecture can be completed, based on the process inventory, identity data inventory, and IF. The data structure and exchange standards can be created at this time. Also, the organization can begin to automate and improve processes as necessary.

The implementation phase is when the IMA lifecycle shown in Figure 14-1 comes into play as the components built in the second phase are used and revised.