AI decision support for identity security: what changes for IAM teams

TL;DR: AI and machine learning are being used to improve access decisions, role discovery, certification guidance, outlier detection, and executive reporting in identity security programmes, according to SailPoint. The core shift is that manual governance cannot keep pace with app sprawl, so decision support and workflow automation now define operational identity maturity.

NHIMG editorial — based on content published by SailPoint: Gain value on day 1: AI-derived decision support for your identity security program

By the numbers:

• The number of apps in use by the average enterprise increased by 20% in 2020.
• Organizations with 500-2,000 employees now use approximately 700 cloud apps monthly.

Questions worth separating out

Q: How should security teams use AI to improve access reviews without removing human accountability?

A: Use AI to surface context, rank exceptions, and recommend likely decisions, but keep the certifier responsible for the final approve or deny action.

Q: Why do identity programmes need access history if they already have current entitlement data?

A: Current entitlement data shows what access exists now, but it does not explain how that access accumulated or whether it was inherited through job changes, projects, or stale approvals.

Q: What do security teams get wrong about role discovery and role modelling?

A: They often assume role modelling is a one-time design exercise.

Practitioner guidance

• Prioritise exception-based access reviews Use recommendations and peer-group context to direct certifiers toward unusual entitlements, cross-functional access, and identities that no longer fit their expected role.
• Build outlier detection into certification workflows Flag identities with access that spans multiple peer groups or diverges from role models, then require a human review path that includes business context and recent change history.
• Treat access history as evidence, not reporting only Preserve access requests, certifications, and entitlement changes so reviewers can see how current access emerged over time.

What's in the full article

SailPoint's full blog covers the operational detail this post intentionally leaves for the source:

• How its AI-driven identity security capabilities map to role discovery, role insights, certification recommendations, and access request recommendations
• Examples of the static and historical data needed to make decision support work from day one
• How the Access Intelligence Center presents persona-based dashboards for compliance and executive reporting
• The product-oriented explanation of how SailPoint combines machine learning with professional services during onboarding

👉 Read SailPoint's blog on AI-derived decision support for identity security →

AI decision support for identity security: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →