Gartner Blog Network

Role Management – Demonstrating value, or not

by Kevin Kampman  |  August 23, 2010  |  Comments Off on Role Management – Demonstrating value, or not

Those of you who attended Catalyst in San Diego in 2009 may remember the lively panel on Role Management’s Evolution. The participants included Edward Coyne of SAIC, representing InterNational Committee for Information Technology Standards (INCITS), David Laurance of JPMC, Alan O’Connor of RTI, Robert Amos of NuStar Energy LP, and Paul Rarey of Safeway. The panel provided a candid perspective on the adoption of role management in organizations; details of the panel discussion were published in the blog “Role” World Challenges.

In the course of the conversation, Alan O’Connor identified that the National Institute of Standards and Technology (NIST), the government sponsor for the role-based access control (RBAC) standard (ANSI INCITS 359-2004), will be soliciting real-world investment information on the implementation and benefits of role management. The purpose of this effort, ultimately, is to justify new government funding for the refinement of the RBAC standard, and also to provide organizations with information that can be used to demonstrate value in their own situations.

The survey was finally launched in August 2010. Sponsored by NIST, this solicitation, entitled “The Economics of Access Control,” covers access control strategies and lifecycles, user provisioning, and compliance activities. The survey is located at The results will be published by the end of 2010 and contributors will receive a copy of the report. This is a perfect opportunity to provide your input and perceptions about RBAC and related activities and to shape the standards activities in the future.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research


Tags: rbac-roles  

Kevin K. Kampman
Research Director
12 years at Gartner
29 years IT industry

Kevin K. Kampman is a Research Director in Gartner IT Professionals Research, covering Identity Management and Privacy. Mr. Kampman assists organizations in the optimization of identity capabilities for business objectives. Read Full Bio

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.