TL;DR: Pick n Pay says manual access requests in its legacy identity stack consumed significant time and effort, and the company moved to automated identity and access management workflows with SailPoint IdentityNow, according to SailPoint. The lesson is broader than one retailer: access handling that depends on manual coordination does not scale cleanly across modern identity programmes.
NHIMG editorial — based on content published by SailPoint: Pick n Pay and SailPoint - Growing Together in a Co-Innovative Partnership
Questions worth separating out
Q: How should teams reduce manual access request workload without weakening IAM governance?
A: Start by standardising the most common access paths and assigning clear entitlement owners, then automate only the workflows that already have defined approval logic.
Q: Why do manual access request processes create governance risk?
A: Manual processes increase the chance of inconsistent approvals, slow fulfilment, and weak audit trails.
Q: What should identity teams measure after automating access requests?
A: Measure request turnaround time, repeat request volume, approval consistency, and the number of exceptions still handled outside the workflow.
Practitioner guidance
- Map manual access queues to policy-backed workflows: Inventory the access requests that still depend on email, ticket chasing, or spreadsheet approvals, then convert the highest-volume paths into governed workflows with explicit approval criteria.
- Define entitlement ownership before automation: Assign named owners for applications and access roles so automated fulfilment has a clear decision source and review point.
- Use access request volume as a governance signal: Track which applications generate the most manual requests, because repeated demand usually indicates weak entitlement design, poor role coverage, or unclear request standards.
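The measures named above (turnaround time, repeat request volume, approval consistency, exceptions outside the workflow, and manual volume per application) can be computed from an exported request log. The Python below is an added example, not code from SailPoint, Pick n Pay or the source article. The record fields, the channel names and the definitions of "repeat" and "consistent" are assumptions, and the sample records are constructed.

```python
from collections import Counter, defaultdict, namedtuple
from datetime import datetime
from statistics import median

# Assumed record layout for an exported access-request log (hypothetical fields).
Request = namedtuple("Request", "user role app entitlement channel opened closed decision")

# Constructed sample data, not real requests.
REQUESTS = [
    Request("alice", "cashier", "pos", "pos:refund", "workflow", "2024-03-01T09:00", "2024-03-01T11:00", "approved"),
    Request("bob", "cashier", "pos", "pos:refund", "email", "2024-03-01T09:00", "2024-03-04T09:00", "denied"),
    Request("alice", "cashier", "pos", "pos:refund", "workflow", "2024-03-10T09:00", "2024-03-10T10:00", "approved"),
    Request("carol", "buyer", "erp", "erp:po-create", "workflow", "2024-03-02T08:00", "2024-03-02T12:00", "approved"),
    Request("dave", "buyer", "erp", "erp:po-create", "spreadsheet", "2024-03-03T08:00", "2024-03-05T08:00", "approved"),
]

def _hours(opened, closed):
    fmt = "%Y-%m-%dT%H:%M"
    delta = datetime.strptime(closed, fmt) - datetime.strptime(opened, fmt)
    return delta.total_seconds() / 3600

def governance_metrics(requests):
    turnaround = [_hours(r.opened, r.closed) for r in requests]
    # Repeat = same user asking for the same entitlement again (assumed definition).
    per_pair = Counter((r.user, r.entitlement) for r in requests)
    repeats = sum(n - 1 for n in per_pair.values())
    # Consistent = every request for one (role, entitlement) got the same decision.
    decisions = defaultdict(set)
    for r in requests:
        decisions[(r.role, r.entitlement)].add(r.decision)
    consistent = sum(1 for d in decisions.values() if len(d) == 1)
    # Exceptions = anything decided outside the governed workflow channel.
    manual_by_app = Counter(r.app for r in requests if r.channel != "workflow")
    return {
        "median_turnaround_hours": median(turnaround) if turnaround else None,
        "repeat_requests": repeats,
        "approval_consistency": consistent / len(decisions) if decisions else None,
        "outside_workflow": sum(manual_by_app.values()),
        "manual_by_app": dict(manual_by_app),
    }

if __name__ == "__main__":
    for name, value in governance_metrics(REQUESTS).items():
        print(f"{name}: {value}")
```

In the sample, the same cashier entitlement is approved through the workflow and denied by email, which is the kind of inconsistency the consistency ratio is meant to surface.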
What's in the full article
SailPoint's full blog covers the operational detail this post intentionally leaves for the source:
- Customer commentary on the manual request pain point and why it affected internal stakeholders
- The specific way IdentityNow was used to automate access workflows across the organisation
- The business context behind Pick n Pay's identity modernisation journey
- The short customer story framing used by SailPoint and Pick n Pay
Legacy access requests and IAM automation: what teams should notice?
Explore further
Manual access administration is an identity governance debt, not an efficiency issue. When requests depend on people to move work between systems, governance becomes slower, less consistent, and harder to evidence. That matters because access control is only as reliable as the process that applies it, and manual handling makes that process variable. Practitioners should treat manual request volume as a measure of governance debt, not just service desk pressure.
A few things that frame the scale:
- Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap, according to The State of Secrets in AppSec.
- The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
A question worth separating out:
Q: How do access request workflows relate to lifecycle governance?
A: Access requests are only one part of lifecycle governance. Joiner-mover-leaver controls, recertification, and ownership reviews determine whether access stays appropriate after it is granted. If those controls are missing, automation may speed up provisioning without fixing privilege creep or stale access.