Identity Access Management (IAM) Modernization

Related Links

Contact

Louis Bugenig
Project Manager

Progress update - February 2025

The IAM Modernization project has made significant progress over the past month, including team expansion, foundational research, and key design activities. The team has successfully onboarded Business Analysis and System Integration teams, conducted workshops with agency partners, and launched the CIAM MVP Roadshow.

Despite some challenges in cohort selection, the project continues to advance in vendor evaluation, architectural design, and system integration. The successful launch of the CIAM MVP Roadshow has provided valuable engagement opportunities, helping to shape the direction of IAM modernization while maintaining alignment with agency partners and stakeholders.

Planned Activities for February:

  • Cohort & Engagement Planning:
    • Finalize and submit Cohort 0 & 1 recommendations.
    • Continue the CIAM MVP roadshow.
  • Identity Verification & Risk-Based Authentication:
    • Continue research and documentation on Socure and LexisNexis capabilities.
    • Conduct IDV selection requirements review with agency partners.
    • Finalize decision on IDV vendor selection.
  • Technical Advancements:
    • Progress development on enrollment workflows.
    • Finalize and submit a recommendation for user data migration.
    • Achieve code completion for a limited production release to demonstrate value.
    • Select an application for onboarding to the limited production release.
    • Select a Risk Scoring platform for integration.
  • Governance & Documentation:
    • Conduct QA review and provide responses.
    • Prepare materials and for upcoming governance communications.
    • Collect agency survey data to confirm cohort candidates.
  • OCM Strengthening Activities
  1. Update schedule and roadmap to reflect decisions on MVP, with particular focus on limited production release so that we can communicate timeline for next level of engagement by agencies.
  2. Complete the 4Ps assessment so that we can better understand enterprise impact.
  3. Finalize and communicate selection of applications planned for Cohorts 0 and 1 so that agencies have visibility into our plans and selection process.

Read the full February project status update

Timeline for a project

Overview

Since 2019, a renewed focus has been placed on cloud computing, data management, resident experience, privacy and cybersecurity.  In addition, there is increased recognition that consumers of Washington state services and our vendors expect to be able to interact with the state consistent with the basic levels of Identity Management provided by the private sector. 

There is a recognized need across the enterprise to modernize our Identity Management (IAM) capabilities to meet these expectations and to better manage access to systems and services in a controlled manner. 

Specific drivers of our need to modernize IAM include:

  • Existing enterprise solutions are limited to email-based authentication.  The current model of federated identity verification has no single and comprehensive view of user identity.  This has resulted in a disjointed user experience as users manage multiple portions of their identity across disparate systems (trust model).
  • Consolidation of access to state services using an updated resident portal that will be a front door for access to all state services and will be dependent on IAM functionality.
  • Ever increasing need to mitigate access-related risks and potential fraud.
  • Outdated policies driving increased waiver requests that increase barriers to delivery of services while proliferating siloed identity stores.
  • Additional IAM functionality needed to realize benefits associated with migration toward cloud computing.
  • Supporting the state’s Digital Equity goals by eliminating outdated technology and policies which increase barriers to services.
  • Alignment to top priorities of national state CIOs. IAM is the National Association of State Chief Information Officers (NASCIO) sixth ranked priority of their 2022 top 10 priorities.
  • Mitigate identity sprawl by modernizing to meet federation needs and integration with other identity stores while maintaining a single source of truth for identity. 

Vision

IAM Strategic Vision: Washington residents can access state digital services efficiently with confidence that their information is protected and privacy is respected. The state reduces risk by verifying all users and authenticating all transactions while increasing digital equity and access to state services.  

Project goals in support of Strategic Vision:  Engage agency partners and complete a successful technology Proof of Concept resulting in contracts with technology and service providers necessary to modernize IAM technology and processes for the state of Washington.