The Banktastic Blog

With the increasing number of collaborative business models, information databases and social networks, sharing and managing identity and access information has become critical. Compliance regulations, Sarbanes-Oxley, Basel II, FISMA, HIPAA, PCI/DSS and the like, play a larger role when establishing processes and controls to mitigate internal and external risks.

Seems so logical to me, why do people fight this so much? This passage resonated with me the most:

"Plan
The first step in IAM governance is establishing agreed-upon business objectives and priorities, including executive sponsorship. Then the organization should perform an internal process and data discovery assessment and examine the processes for bringing users into and out of the organization."