University of Wisconsin–Madison

Identity & Access Management Council

The Identity and Access Management (IAM) Council serves as a campus-wide stakeholder group for identity and access management (IAM) services at UW-Madison. A commonly available set of IAM services as is a key element of the UW-Madison IT infrastructure, ensuring effective, efficient and consistent access controls to protect university resources and the privacy of members of the university community, while enabling efficient access to resources in support of the university’s mission.

IAM Council Mission

The IAM Council’s mission is to continuously work towards improving security, reducing risk and improving the quality of and confidence in campus identity, authentication and security systems by engaging stakeholders and providing a roadmap for identity and security services to applications that appropriately balance risk, usability and need. The IAM Council advances a service-centric approach that enables campus to safely and confidently deliver broad and dynamic services to an ever-widening base of customers.

At a glance

Icon documents

Documents

Meeting Assets

Charter

Google Team Drive

IAM Council Members

Council Participants

Name Area Email
Name Area Email
David Parter CS dparter@cs.wisc.edu
Dan Simanek VCRGE daniel.simanek@wisc.edu
Pete Boguszewski Libraries peter.boguszewski@wisc.edu
Steve van der Weide Wisconsin School of Business steve.vanderweide@wisc.edu
Kevin Cherek AIMS kevin.cherek@wisc.edu
John Jameson Business Services john.jameson@wisc.edu
Jan Cheetham CIO Office jan.cheetham@wisc.edu
Jim Drews College of Engineering james.drews@wisc.edu
Catharine DeRubeis OHR catharine.derubeis@wisc.edu
Amanda Reese Office of Compliance amanda.reese@wisc.edu
Jeff Korab SMPH jeffrey.korab@wisc.edu
Kevin Breese Wisconsin Union kevin.breese@wisc.edu
Gary DeClute Cybersecurity gary.declute@wisc.edu
Chris Spencer Cybersecurity christopher.spencer@wisc.edu
Phil Hull Enrollment Management phillip.hull@wisc.edu
David Swiderski Housing david.swiderski@housing.wisc.edu
Nancy Lynch Legal Affairs nancy.lynch@wisc.edu
Andy Goldstein Academic Technologies andy.goldstein@wisc.edu
Alan Ng DCS alan.ng@wisc.edu
Stefan Wahe Cybersecurity stefan.wahe@wisc.edu
Tom Jordan DoIT – EIS tom.jordan@wisc.edu

SMEs / Resources

Name Area Email
Name Area Email
Jon Miner DoIT EIS jon.miner@wisc.edu
Mike Roszkowski DoIT EIS mike.roszkowski@wisc.edu
Ty Letto DoIT EIS ty.letto@wisc.edu
Ratsmee Vang DoIT EIS ratsmee.vang@wisc.edu

Upcoming IAM Council meetings

No events returned.

Foundation

  • IAM Council Charter

    Purpose of this Document

    This document charters the Identity and Access Management (IAM) Council and defines its shared direction, guiding principles, membership, and roles and responsibilities. The membership and sponsors will review and update this charter biannually.

    Background

    UW–Madison has not always delivered IT services in a unified or comprehensive manner, and the Identity and Access Management service portfolio is no exception. Identity and Access Management (IAM) is the collection of policies, technologies, and practices that govern and provide identity assurance, and the access to resources based on a verified identity. IAM at UW–Madison has grown organically over time and is often disparate and siloed, lacking a shared, community-driven vision and direction. In addition, new technologies and ideas in the IAM field were becoming widespread, practical, and accepted, which left the campus even further adrift from best practice. The situation was, and is, untenable.

    In 2015, campus stakeholders formed the Credential Policy Stakeholders Team to address these issues. In 2016, that group released their final report, which defined a forward-thinking strategy for credential management that focuses on risk, usability, services, and confidence. That report called for a new and permanent guidance or governance group to guide implementations in support of that vision. In 2017, the Infrastructure Technology Advisory Group expanded that vision to include steering and oversight for the comprehensive set of identity and access services needed by the campus community to support the University’s mission.

    This new group was charged with the fidelity to and maintenance of the vision put forth for IAM at UW–Madison. This vision supports the University mission by providing technology, process and policy to ensure appropriate and effective access to IT services for our stakeholders. It sees a commonly available set of IAM services as a key element of the University IT infrastructure, to ensure effective, efficient and consistent access controls to protect University resources and the privacy of members of the University community, while enabling efficient access to resources in support of the University’s mission.

    In order to meet the vision, the campus must rationalize our IAM service offerings against the campus needs and define a future-focused roadmap for IAM services. Further, the campus must work to align delivery of other IT services with the IAM roadmap, and ensure that access to services encompasses appropriate considerations of risk, usability, service and confidence.   This document establishes the group charged with fulfilling these responsibilities.

    For additional information regarding the relationship between this group and other governance groups, please see Appendix 1 below.

    Authorization to Operate

    The following individuals have authorized the IAM Council to operate in the capacity defined within this charter:

    Role Name/Title
    Sponsoring Governance Group Infrastructure Technology Advisory Group (ITAG)
    Sponsoring Group Representative Melissa Tran, Director, Enterprise Internet Services
    Sponsoring Group Representative David Towers, Asst. Dean, Wisconsin School of Business

    Mission

    Continuously work towards improving security, reducing risk and improving the quality of and confidence in campus identity, authentication and security systems by engaging stakeholders and providing a roadmap for identity and security services to applications that appropriately balance risk, usability and need. Advance a service-centric approach that enables campus to safely and confidently deliver broad and dynamic services to an ever-widening base of customers.

    Guiding Principles and Values:

    The IAM Council’s operation, direction and recommendations will be based on the following guiding principles:

    • Transparency – We are committed to open and transparent processes that encourage review and input from all campus stakeholders.
    • Campus Engagement – We must involve and engage stakeholders who have expertise and are affected by identity and access policies, plans and efforts within our community.
    • Stewardship – We must act as good stewards of resources that support the overall mission of the University. The IAM Council will consider the most effective application of resources to meet the needs of campus stakeholders.
    • Inclusivity – The best discussions and recommendations come from a warm, welcoming, inclusive and spirited community.
    • Service Focus – A service-centric IAM approach enables campus to safely and confidently deliver broad and dynamic capabilities to an ever-widening base of customers.
    • Integrated Service Approach – We believe that services must integrated with campus data and security policy and standards, be vetted for risk and compliance, and be governed by an active stakeholder community.
    • Future Thinking – We must ensure that short-term directions and recommendations are consistent with a long-term vision for IAM services.

    Scope

    • Provide direction and leadership for the specification, development and implementation of IAM services in support of IT service delivery to UW–Madison constituents (IAM Roadmap Planning).
    • Survey the needs of campus stakeholders to ensure that IAM services are well aligned and effectively supporting campus needs.
    • Ensure that services are well integrated with campus standards, vetted for risk and compliance and governed by an active stakeholder community (IAM Service Rationalization).
    • Provide analysis and recommendation for the IT project intake process for IAM services and advise on IAM impacts and dependencies for other services in the portfolio (IAM Portfolio Management)
    • Examine the current security of UW–Madison authentication credentials as compared to best practices and current recommendations, such as those published by NIST, SANS, InCommon, and others. Consider cost and benefits to assure that recommendations of the team are practical to implement (Credential Steering)

    Structure, Membership, and Responsibilities

    The IAM Council membership consists of a mix of business, technology, legal and compliance representatives addressing the needs of students, faculty and staff from schools, colleges, divisions and administrative units from around campus. These members represent the needs, impacts and issues around identity and access for their units and the campus at large.

    Sponsors

    Infrastructure Technology Advisory Group (ITAG) sponsors the IAM Council, and also serves as its primary governing body. The IAM Council may provide guidance and recommendations to other campus governance groups on issues relating to identity and access management.

    Chairpersons

    The IAM Council has two chairpersons. Executive Sponsors select one chairperson to a standing appointment. The Council nominates the other chairperson and the executive sponsors confirm the appointment for a one-year term.

    Membership

    The IAM Council provides recommendations and guidance on identity and access services to campus governance and stakeholders. Membership consists of:

    • Central IAM Service Representative (Chairperson)
    • Campus at-large Representative (Chair)
    • Appointee from Office of Cybersecurity

    Remaining membership will be solicited by sponsors from the wider stakeholder community with an emphasis on capturing a diverse group representing faculty, staff, student, research, academic and administrative needs. The Council will also solicit both technical and non-technical members, and balance the representation from central and distributed IT communities.

    Meetings

    The chairs are responsible for generating and ensuring the distribution of meeting agendas and minutes. Members review the material and are prepared for the meeting and potential discussion. The IAM Council determines its meeting frequency and agenda structure.

    Sub-Committees

    The IAM Council makes use of sub-committees, comprised of subject matter experts and key stakeholders, to analyze problems, evaluate projects, recommend solutions, and provide guidance for implementing initiatives. Sub-committee membership is by appointment from the IAM Steering Group members. Sub-committees leverage and engage the larger IT community and frequently include non-IAM Steering Group members.

    Subject Matter Experts

    The IAM Council also engages subject matter experts as needed to aid in understanding issues and impacts and to develop plans, proposals and options for campus. Subject matter experts may be brought in from a variety of technical, business, legal and compliance area and serve a supporting role in helping the IAM Council to meet its objectives.

    Appendix 1 – IAM Council relationships to other IT Governance Groups

    Note: Need image