Turn on javascript!

To get the very best experience at you need to turn Javascript on in your browser.

IdAM provides missing link to simplifying onboarding process at central Government Agency – RedRock Consulting
Central Government Agency

IdAM provides missing link to simplifying onboarding process at central Government Agency

IdAM provides missing link to simplifying onboarding process at central Government Agency

The Opportunity

The Agency was undertaking an exciting period of digital transformation and part of this programme included simplifying and standardising the onboarding process and movement of employees to new job roles/departments or leaving the organisation.

The process in place was very manual and required paper forms to be filled in by hand with user information and then scanned to the helpdesk for IT to create or amend a user account. This led to several issues:

  • Inconsistent data quality in the HR system
  • Weakened security as users were left with access to systems they didn’t need within Active Directory when moving to new job roles or departments
  • Similar positions labelled with different titles led to confusion over which titles needed what access
  • Misconfiguration of permissions with some users wrongly having elevated privileges
  • Difficult to comply with GDPR as there was no ability to perform audits or generate reports to see who had access to what.

From our discussions with the Agency, Identity and Access Management (IdAM) was identified as offering the best potential to combat these issues. IdAM is a service for managing digital identities and user access to an organisation’s systems and network. It gives users access to the networks and systems they need while restricting access to those they don’t through creating a unique digital identity.

After a competitive tender process, RedRock was chosen as the Agency’s delivery partner to support this programme.

Our Approach

At RedRock, we underpin all our Managed Professional Service engagements with the same core values:

  • Client enablement
  • Teams of excellence
  • Impartiality

Each engagement is directly overseen by one of our Technical Directors to ensure this. From the outset, our Technical Director collaborated with the Agency to ensure we fully understood the project’s desired outcomes. This also included monitoring progress and performance, providing updates and support where necessary.

The challenge with IdAM is that it is difficult to implement within an organisation, regardless of size, and has various challenges to overcome for a successful delivery. This is due to IdAM affecting large areas of the business including:

  • All users of the system
  • Numerous business processes
  • Every IT application
  • All infrastructure components

Because of this, a successful delivery requires input and cooperation from many departments and teams, an effort which can be difficult to organise.

With this in mind, and from our discussions with the Agency we were able to provide the following:

  • Business Analyst
  • Senior Solutions Architect
  • Both experts in their field with a history of delivering successful projects
  • Team co-located with the in-house team within 4 weeks from the initial request.

Our Solution

Our team engaged with the Agency and all other stakeholders, holding a series of meetings and workshops to ensure everyone involved had a chance to discuss the current issues, and fully understood the process and technical infrastructure already in place that needed to be mapped onto the IdAM server.

Our approach to ensuring a successful delivery was to complete a discovery report comprised of:

  • Findings
  • As-is state
  • To-be state
  • Solution options
  • Recommendations

This fully costed report was split into modules and presented to the Agency to ensure they could review the issues, recommendations and timelines to resolve these, giving them a full understanding of the process.

One of the key findings discovered were issues with the current data quality in Oracle Fusion, their HR system. Large numbers of user accounts weren’t assigned a job title, line manager, department or employee ID. This meant the data couldn’t be properly synced with Active Directory, preventing a successful IdAM delivery.

To overcome this, we are working closely with HR and Heads of Departments to agree upon reducing and standardising job roles across departments and divisions, then applying changes to employee contracts. This process requires support and sponsorship from the highest levels of the organisation to successfully implement.

Once a reduced profile of job roles has been agreed upon and rolled out, each employee’s job role will be updated within Oracle Fusion and these updates can then be synchronised with Active Directory.

The Outcome

The discovery phase of this project is now complete and as a result of our findings, and from discussions with the Agency’s stakeholders, we will shortly begin the process of implementing IdAM to achieve the following:

  • Effective records management – enabling a swift response to GDPR information requests
  • Improve security process – full control over who has access to systems
  • Role Based Access Control – align employee identities with job role profiles providing access to applications, resources and services
  • Privileged Access Management – improving control of administrative access to systems, ensuring the right level of access is given to appropriate users for the right amount of time
  • Microsoft Identity Manager – synchronise identity data between various systems such as Active Directory and Oracle Fusion
  • Public Key Infrastructure – issues and revokes security certificates to users, enabling the secure, encrypted, transmission of data across networks, including the internet
  • Introduce workflow approval process to improve accountability and auditing measures
  • Vastly improve end-user experience
  • Reduce IT administration and help desk costs
  • Improve employee productivity from features such as self-service password resets
  • Improve understanding of the identity infrastructure within the Agency.

Our relationship with the Agency has gone from strength to strength and we have successfully supported them with numerous projects as part of their wider digital transformation, providing them with experienced and reliable teams who are able to hit the ground running and work collaboratively with the Agency.


Ready to talk?

See how we can deliver the positive change you need. Talk to one of experts today!

Get in touch

Very old browser!

To get the very best experience at you need to update your browser to a newer version.