Our products have been around for years and we have had conversations with hundreds of companies across just about every industry and have learned quite a bit from those conversations. One of the most interesting things learned to date is the number of companies, without an alternative, who have looked to their HR Management System (HRMS) to help address the growing challenge in managing third party identity lifecycle and have come back as it has failed to produce the desired results.
Now I am not talking about the process of creating an identity in order to grant and govern access. I am talking about the complex and arduous task of gathering information about non-employees being sent into your organization that will eventually require access to physical and digital assets. Non-employees or third parties can have a variety of relationships with an organization. To enable access appropriately it is important to not only define who these third parties are and collect the necessary artifacts, but to determine what their relationship is, what business role they will fill, who is responsible for their relationship, and potentially what RISK they pose to the organization. Managing relationships is one of the most important keys to success and is ongoing for the lifecycle of someone’s relationship(s) with your organization.
In many cases, there is not a system in place that is capable of managing the complex relationships between a company and third party and from experience we know that your HRMS is not capable of handling the complexities surrounding non-employees.
Some of the factors that cause or exacerbate the third-party problem:
- Growth in the blended workforce has made the identity lifecycle tougher than ever to manage Management and oversight of these third parties is clunky, cumbersome, and ineffective
- A comprehensive identity store or Human Capital system for 3rd parties often doesn’t exist at all
- Defining the complex relationships and even identifying who should own these identities is often failing
- Poor identity management leads to poor access management
- Digital transformation drives demand for an increase in third party access to sensitive data
Before Considering HRMS Know the Following:
- HR Management Systems (HRMS) are built for employees and require heavy customization to support the complexity of varying population types of non-employees
- HR teams need to scale to accommodate management of additional people (~1 FTE / 400 people)
- Additional fees in licenses and services to customize the system every time a change occurs
- No ability to have partners and non-employees take part in the registration process and/or profile and relationship changes
- Does not manage risk and can’t create relationships between vendors and individual non-employee identities
What is Needed:
- A system purpose built to support all non-employee populations that is built with a modern point and click design that is easy to administer by the business
- A system that is built to accommodate centralized collaboration between line-of-business, partners and non-employees
- A system built to support any number of non-employees, involving and holding the business accountable
- Fully capable of including partners and non-employees in the full lifecycle of ANY/ALL non-employees
- Full RISK management of non-employees including tying together; vendor risk, identity risk and access risk
- Most importantly a system that speeds up the process of using and managing third party non-employees, reduces RISK and lowers cost