Many organizations treat IAM as a subset of creating users accounts, whereas the governance of IAM is fragmented across HR, security, IT, and privacy. We’ve found when we’ve gone in to help organizations mature their IAM program, we are primarily solving account management problems and conducting extensive account clean-up. We then must create new governance and processes for the app owners/organizations moving forward. Many organizations today have a process for their users: vet the person to create an identity, obtain a credential for the person, allow the person access willy-nilly to apps, then forget to terminate access once the person leaves. These steps are typically isolated business processes, executed in a fragmentary process across disconnected organizational units, and not part of an integrated identity governance process. Not only does this create silos between each step, but it also results in a lack of understanding of the architecture and data flows of the organization. This session will discuss real-world experiences in creating a more-robust, identity-centric IAM program and helping sell that program to the C-suite in terms that go beyond compliance and how those minor changes have helped organizational leaders better understand the importance of IAM. (Provisioning/User Lifecycle, Enterprise Identity, Architecture, Deployment, Christine Owen)