Stakeholder perspective in identity and access management : identifying key IAM requirements through stakeholder analysis in a manufacturing company
Hare, Iiris (2025)
2025
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2025121235352
https://urn.fi/URN:NBN:fi:amk-2025121235352
Tiivistelmä
Identity and Access Management (IAM) plays a critical role in safeguarding company data by ensuring that the right users, machines and software components have appropriate access at the right time. Identity Management (IDM), a key subdomain of IAM, provides the interface for managing the entire lifecycle of user identities and their access rights. This thesis was conducted in collaboration with a global manufacturing company. Manufacturing environments demand strict access control due to high automation and hazardous conditions. In such environments, effective IAM plays a critical role in ensuring operational safety and continuity. The aim of this thesis was to identify intensive IAM stakeholders in the company, explore their expectations and values, and assess how current IAM solutions on the market meet their needs.
The research was conducted as a case study which combines both qualitative and quantitative data. First, stakeholders were identified through an IAM report highlighting users with the highest number of requests. Next, a structured survey was distributed to these stakeholders, and finally the responses were analysed and compared against three selected IAM solutions. Additionally, three persons presenting different fields were interviewed to gain a deeper understanding of IAM practices and perspectives. Their insights were incorporated to support the survey findings and provide additional detail to this research.
The results show that IT, Operations, Finance, and HR were the primary stakeholder groups actively using IAM system in the Company X. The responses were largely consistent among them. Stakeholders place the highest value on a clear and intuitive user experience, fast and reliable access provisioning, and strong security and data protection. When asked about the most anticipated benefits of a future solution, they highlighted the importance of automation, improved visibility of roles and seamless integration to critical organisational systems. IAM experts emphasised that the system should be modular to meet modern standards and potentially leverage AI.
For further research, it could be interesting to expand the study to include the stakeholders who are not intensive users but are still affected by actions from IAM or contribute to IAM operations, as they were completely excluded from this research. This thesis serves as an initial investigation by identifying key expectations across departments and offers both practical and strategic value for the commissioning organisation. The study provides a foundation for defining IAM system requirements, and its insights can hopefully support decision-making and foster collaboration across departments. Future research could take a more detailed and technical approach to further develop these findings at a practical level. For the researcher, the thesis has been significant for professional development.
The research was conducted as a case study which combines both qualitative and quantitative data. First, stakeholders were identified through an IAM report highlighting users with the highest number of requests. Next, a structured survey was distributed to these stakeholders, and finally the responses were analysed and compared against three selected IAM solutions. Additionally, three persons presenting different fields were interviewed to gain a deeper understanding of IAM practices and perspectives. Their insights were incorporated to support the survey findings and provide additional detail to this research.
The results show that IT, Operations, Finance, and HR were the primary stakeholder groups actively using IAM system in the Company X. The responses were largely consistent among them. Stakeholders place the highest value on a clear and intuitive user experience, fast and reliable access provisioning, and strong security and data protection. When asked about the most anticipated benefits of a future solution, they highlighted the importance of automation, improved visibility of roles and seamless integration to critical organisational systems. IAM experts emphasised that the system should be modular to meet modern standards and potentially leverage AI.
For further research, it could be interesting to expand the study to include the stakeholders who are not intensive users but are still affected by actions from IAM or contribute to IAM operations, as they were completely excluded from this research. This thesis serves as an initial investigation by identifying key expectations across departments and offers both practical and strategic value for the commissioning organisation. The study provides a foundation for defining IAM system requirements, and its insights can hopefully support decision-making and foster collaboration across departments. Future research could take a more detailed and technical approach to further develop these findings at a practical level. For the researcher, the thesis has been significant for professional development.