The University is enhancing its identity management service to reflect the increasingly complex identity lifecycle, spanning outreach, admissions, recruitment, non-matriculated students, visitors, and alumni. This work is central to our digital strategy, aiming to provide a seamless, secure experience for everyone interacting with the University.
The Identity Improvement Programme supports distributed access and assurance management while offering a single source of truth for authorised data use. It aligns with other Digital Transformation initiatives, including:
While each programme has a distinct focus, they collectively advance the University’s digital transformation by strengthening data governance, enhancing user experience, improving security, supporting collaboration, and driving operational efficiency.
Why does the University need to improve its identity management?
Current identity management processes no longer meet the University’s evolving needs. A Digital Transformation investigation was undertaken to identify the core identity issues and challenges encountered by previous programmes. A summary report of the findings is available on the Digital Transformation webpages. These challenges include:
- lack of clear ownership of data: there is no clear ownership of data, leading to inconsistencies and inefficiencies in managing identities
- absence of process governance: without a robust governance framework, our identity processes lack the necessary oversight and accountability
- limited service offerings: existing systems don't support services for groups outside the University, such as student outreach, admissions, non-matriculated students, or visitors
- inflexible processes: rigid workflows make it difficult to manage changing roles and relationships across an individual’s journey with the University
- integration barriers: it is difficult to integrate new technologies into the existing technology stack
How are we going to improve identity management?
The Identity Improvement Programme will consider three core elements:
- Digital identity: attributes that securely represent a person in digital form
- Lifecycle management: processes and people managing an individual’s identity journey
- Access: using identity data to enable appropriate access and entitlements
The key principles under which the programme will operate are:
- it is scoped to focus on 'identity as it relates to access'
- it stores and validates identity-related information, but does not control the processes that generate or manage it
- it acknowledges the authority of colleges and departments to manage entitlements related to access to digital and physical resources
The benefits of improved identity management
Financial
Financial performance and resource use |
Stakeholder
Performance from the perspective of key stakeholders |
- Greater automation reduces costs: fewer helpdesk calls, lower overheads, and more efficient provisioning and deprovisioning
- Reduced duplication and bureaucracy lead to operational cost savings
- A single source of truth for person data saves staff time by eliminating the need to search across multiple systems, improving efficiency
|
- Services are scalable and future-proofed, supporting evolving needs
- Simplified and secure access to identity services
- Improved self-service capabilities enhance user control
- Personalised experiences and seamless user journeys improve satisfaction
- Secure collaboration is enabled, supporting cross-institutional or external partnerships
|
Operational delivery
Performance in relation to service metrics and measures |
Organisational capacity and capability
Enablers key to breakthrough performance |
- Consistent and reliable identity service offering
- Streamlined identity processes reduce time for onboarding, offboarding, and access changes
- Efficiency gains in access, provisioning, and role management
|
- Effective identity governance ensures clear ownership and accountability
- Data standardisation supports a single source of truth
- Enhanced data quality strengthens decision-making and reporting
- Reduced identity-related risks (e.g. unauthorised access, data breaches)
- Improved compliance with legal and industry requirements, including GDPR
|
