Program Governance and Leadership
In any Identity, Credential, and Access Management (ICAM) program, you’ll need someone to develop, manage, and enforce agency-specific policies, processes, and performance measures.
Governance is the set of practices that help your agency ensure that ICAM operations are successful. Governance helps your agency make decisions, manage enterprise policies, and improve efficiency.
An enterprise governance body develops and implements policies, rules, and procedures to manage the program. They collect data to monitor, analyze, and report on how well your ICAM program conforms with these policies, rules, and procedures. They also serve an important security role, to quickly remediate any problems or vulnerabilities within the program before a security or privacy breach occurs. You’ll need to establish a recovery plan to ensure continuity of service to prepare for such an occurrence.
The pages that follow explain how to establish a formal identity management governance structure within your agency.
You don’t have to start from scratch. Instead, model your agency’s ICAM governance structure after existing programs. See the Governance Examples and Guidance section for agency steering committee and PMO examples, as well as other authorities to consider.
Governance Body vs. Program Management Office
Governance bodies provide top-down leadership support and guidance across the programs within an agency, while Program Management Offices provide operational support for the day-to-day execution of the tasks within the program.