Identity security awards: what the strongest IAM programs look like

TL;DR: Identity security is being used to speed onboarding, automate deprovisioning, and centralise access control across large, complex environments, with examples ranging from minutes to multi-year transformations, according to SailPoint. The signal is clear: IAM and IGA programmes are now judged on operational latency, lifecycle control, and scale, not policy intent alone.

NHIMG editorial — based on content published by SailPoint: congratulations to the 2024 customer award winners

By the numbers:

• After deploying SailPoint Identity Security Cloud, Health New Zealand provisioned 300 users to a new app within 10 minutes, avoiding at least 15-20 service desk tickets and 10-15 hours of work.
• RWE cut average onboarding time from 25 days to less than 3 hours after moving to Identity Security Cloud, even as its user base increased tenfold.
• 21-day process to immediate action., om an average of five working days to instant issuance, while deactivation moved from an average 21-day process to immediate action.

Questions worth separating out

Q: How should IAM teams reduce delay in access provisioning and deprovisioning?

A: IAM teams should measure the full lifecycle from request to revocation, then automate the steps that create the longest delays.

Q: Why does centralised identity governance matter in complex enterprises?

A: Centralised governance matters because complex enterprises need one authoritative view of entitlement state, ownership, and review cadence.

Q: What breaks when non-employee access is managed outside the main identity programme?

A: What breaks is accountability.

Practitioner guidance

• Measure lifecycle latency across joiner, mover, and leaver flows Track how long it takes to grant access, remove access, and close exceptions across each major identity population.
• Unify governance for employee and non-employee access Create a single ownership model for contractors, partners, and other external identities so certification cadence, approval paths, and offboarding do not vary by local team or application cluster.
• Prioritise deprovisioning over cosmetic access cleanup Focus first on removing stale access and immediate account closure, because delayed offboarding creates the largest residual exposure.

What's in the full article

SailPoint's full blog covers the customer-by-customer operational detail this post intentionally leaves for the source:

• The specific migration paths each customer used to move from legacy IAM or IGA tooling to SailPoint
• The award-category context that explains why each customer was selected and what outcome the vendor highlights
• The application and lifecycle examples behind the quoted onboarding and deprovisioning improvements
• The advocacy context for Admiral of the Year and how SailPoint frames customer participation

👉 Read SailPoint's 2024 customer award winners and identity security outcomes →

Identity security awards: what the strongest IAM programs look like?

Explore further

View Full Forum →  |  NHI Foundation Course →