* Make IAM a cross-business goal: Too many organizations push responsibility for IAM over to the IT department. Business processes that include all departments will make sure nothing falls through the cracks.
* Solicit business involvement early: IT cannot solve the problem alone. They’re the custodians and the business is the end-user.  IT must engage with business and HR in lay language and find common denominators.
* Go proactive, not reactive: Organizations that fix IAM problems after the fact are already out of compliance. Taking a proactive, not a reactive approach to preventing erroneous access in the first place keeps the organization in true compliance.
Create an identity warehouse: Thoroughly scrub identity information stored by all internal systems so there is easy reconciliation and clear visibility into access granted to employees.
* Fix the controls: Deploy strict access controls during the onboarding process, then make sure they are followed throughout the employee’s lifecycle to derive the most value from your identity and access management program.
*Process, process, process: IT spends a significant portion of its time and budget on managing identities.  IT and the business divisions can realize measurable benefits from implementing processes that drive down wasted time and money.
*Go paperless: Going paperless with IAM liberates employees from the stacks of paper on their desks. An electronic IAM system can lighten the load across divisions by identifying holdups and speeding timelines.
*Prevention is the key: Get away from the “putting out the fires” mentality. True process control means that fires are prevented.

Read the all article here  Source Sacbee