Methodology
Tivoli Identity Manager
Tivoli Identity Manager
Role and policy based
ID provisioning.
Tivoli Access Manager
Tivoli Access Manager
Centralized access
control and SSO.
Tivoli Directory Integrator
Tivoli Directory Integrator
Data level integration across identity data stores.
Architecture Design
Architecture Design
Services to build security solutions for your company.
Medical Data Protection
Medical Data Protection
IT healthcare Solutions That enhance security & convenience.
Methodology  
 

Watson SCS uses a methodology developed by its founder, Kyle Watson, formerly a Senior Security Architect at IBM. The Watson Method consists of:

  • A proven approach to translating business and security objectives into a solution oriented architectural design;
  • A set of patterns for gathering requirements, designing solutions, and context work;
  • A maturity model that helps to define ‘what is possible’ in terms of Identity Management, based upon your company's existing business processes and security definition;
  • An implementation approach that adheres to the maturity model while providing direct business value and quickly delivering measurable financial and operational benefits to the organization.

Watson SCS is an IBM business partner focused on security. The Watson Method has been built by leveraging the experience of working directly for IBM and on IBM customer projects, and infusing that knowledge with external independent ideas to create solutions that are customizable and unique. The Watson Method is not for sale or licensed use. It is exclusively for use on Watson SCS customer projects.

Below is an image depicting the Watson methodology for Identity Management Professional Services (Identity Management On Demand is a different, but similar, methodology). Clicking on the image will provide a larger view. Items in blue are considered client requirements (our clients work with us on the project implementation). The methodology is designed to achieve consensus and set expectations in the first two to three weeks of the project. To do this, we produce key deliverables during the major portions of the project lifecycle. This is a delivery methodology based upon the traditional Plan/Assess/Design/Implement/Run method, but has been refined for rapid delivery, specifically geared toward Identity and Access Management projects.

Identity Management Implementation Methodology

Enlarge Image

Click to Enlarge

The list below can be expanded to review the specific process and deliverables that make up the methodology.

  Pre-Project Start

We use this non-billable time to ensure that the appropriate software, including adapters, are licensed to ensure success. We work with the client to understand the key business drivers and implementation deadlines, and provide a project schedule to achieve them. During this period we provide the following deliverable:

  • Project Plan - A Microsoft Project Work Breakdown Structure (WBS) of the resources, activities, tasks, and milestones is provided in a timeline that is aligned with our client's goals.

  Base (Weeks 1-3)

We use this time to gather context about your environment, identify gaps, and produce a framework of what will be delivered in the requested timeframe. In addition, we build out the base test environment for the Identity Management solution to be built. At the end of this short project segment the "80%" of what we will build is established, and agreed upon with our clients. During this period we provide the following deliverables:

  • Completed Discovery Guides - These are provided in the form of Microsoft Word discovery documents. Our specialists work with clients to complete information gathering forms to determine the current state of processes and systems. This information fuels the construction of the next two deliverables, and is provided to the client as a history of how we come to our specific conclusions about the operating environment.
  • Readiness Assessment - A Microsoft Powerpoint Presentation is provided to display our findings, recommendations, and prerequisites to achieve the objective as outlined during Pre-Project Start. Specifically, we cover the following topics:
    • Business and Security Objectives
    • Executive Sponsorship and Support
    • HR Processes and Data
    • Administration and Enrollment
    • Managed Systems
    • Test and Promotion Process
    • Systems and Security Administration
  • Architecture Framework - This Microsoft Word document is an early project deliverable that may be considered a "glimpse" into what will be the eventual solution design. The deliverable is designed to ensure that business, technology, and consulting teams are in unison with the proposed approach before too much time elapses down, potentially, the wrong path. It also provides a high level solution approach that will provide enough detail to understand what solution is being built and how the team plans on building it. Specifically, we cover the following items:
    • Framework and design approach
    • Architectural deployment models for required environments
    • Hardware and Software requirements
    • Operational models
    • Architectural decisions

  Pause (If Required)

Some clients may require a pause period to implement the prerequisites defined in the readiness assessment. If this is true, we work with the client to build these solutions, pause work while the client handles them, or help the client restructure the project in phases, to move some subordinate issues from early to later phases.

  Identity Feed (Weeks 4-9)

We use this time to define and build the integration with the Systems of Record (SOR), and produce the actual requirements for the remainder of the end-to-end solution. An Identity Feed is the synchronization of person information from a system of record, such as an HR database, to the Identity Management system. This includes the actions we are expected to take when person information in an HR system changes, like status codes and terminations. During this period we actually build and unit test the identity feed. In addition, we produce the following deliverables:

  • Requirements Document - A Microsoft Word document detailing the specific requirements of the solution being implemented is provided at this time. Good requirements are testable and conform to language such as MUST or MAY. We create requirements that conform to this way of thinking.
  • Acceptance Test Plan - A Microsoft Excel Spreadsheet is created to display test cases with expected outcomes for many scenarios. For example, the Identity Feed may require test cases for new hire, transfer, retire, and termination. In each of these cases, and alternate scenarios, a specific test item is built for execution and tracking. In addition, if test data is required, the test plan outlines the test data necessary.

  Application Integration (Weeks 10-15)

We use this time to define and build the integration of systems that have user IDs that will be managed by the solution. This includes creation, modification, suspension, and deletion of User IDs on systems in the scope of administration of the Identity Management solution. During this period the Identity Management system is actually integrated and tested with test environment applications to ensure that the policies perform as designed and expected. The following deliverables are produced:

  • Solution Design Document - This Microsoft Word document expands upon the Architecture Framework and incorporates the Requirements Document in order to produce the final system environment expected by our clients. It includes Identity Management specific issues such as:
    • Identity Feed - the final design of the feed produced during Identity Feed
    • Identity Policies - how user IDs shall be constructed for each type of person
    • Password Policies - password creation design for integrated systems
    • Password Management - how password synchronization, reset, and change shall operate
    • Organizational Structure - where specific persons from the Identity Feed and other systems and policies are placed within the Identity Management Solution
    • Organizational Roles - what specific defined roles an identity may belong to within the system to associate them to Provisioning Policies
    • Provisioning Policies - specific rules about what an organizational role is allowed access to on one or more system, including whether or not that access is automatically granted and enforced
  • Run Book - A Microsoft Word document detailing the instructions on how to install and configure the solution is provided. The run book also contains details on how to start, stop, and manage logging. Finally, configuration management (moving the configuration from one environment to another) is built here.
  • Test Results - The Microsoft Excel Worksheet built as a Test Plan is provided, along with executed test results.

  Production (Weeks 16+)

We use this time to work with our clients to deploy the solution to production, build awareness with end users and helpdesk, smoke test, and go live!





Home  |  Services  |  Careers  |  Privacy Policy  |  About Us  |  Contact Us
Copyright © 2010 Watson SCS, Inc. All Rights Reserved.