Queensland Department of Education

The resulting Comparison Matrix mapped mandatory application requirements for IDM to platform capability based upon Provisioning, Access Management and Lifecycle Management. It was not intended to be a feature by feature comparison of the platforms but was designed to identify the key strategic applications and whether the examined IDM platforms could meet the identified mandatory functionality requirements.

Comparison Matrix

An outcome of this process showed that no single vendor could meet all the business and technical requirements of the future Target Architecture resulting in the adoption of a ‘best fit’ hybrid solution comprising of Microsoft’s ILM and IBM Tivoli Access Manager.

The resulting matrix was an important decision support tool incorporated in the business case and used to brief sponsoring Executives on the preferred approach and solutions.

The introduction of effective, streamlined security and authentication processes in order to provide secure, simplified access to information and services as envisaged by the Smart Classrooms strategy in 2005 has been realised.

As a result of the long term, productive partnership between UNIFY Solutions and the Department of Education and Training - teachers, students and staff now have 24 x 7 online access to the information and applications needed to support teaching and learning in the 21st Century The future challenge and opportunity for the Department is to evolve the IDM platform to meet the increasing demand for access to digital services anywhere, anytime, on any device.

Having a trusted strategic partner providing independent advice, certified IDM specialists and trainers, ensures the Department is in a strong position to meet these challenges and opportunities UNIFY Solutions were appointed in 2006 and continue to be the primary Identity Management Strategic Partner following the release of a tender and establishment of a panel of Identity Management Specialists.

Conduct detailed analysis of the ‘as-is’ enterprise platform and design the future target architecture to meet the strategic intent of the organisation.

A key step in the lead up to the business case is the development of a Target Architecture - a high level design for the future state of IDM within the organisation. This IDM Target Architecture should articulate the future business and technical requirements over the next three to five years.

The IDM Target Architecture is critical to building an understanding of IDM across stakeholders and enables the organisation to perform a gap analysis between the ‘as-is‘ and ‘to-be’ future state which will form the basis of a comprehensive and logically structured implementation roadmap.

The approach taken to develop an IDM target architecture by the Department in partnership with UNIFY Solutions included:

Target Architecture Steps

• Identifying business and technical requirements;
• Reviewing applications and infrastructure resulting in a Directory Inventory;
• Defining the future Identity Management conceptual architecture
• Performing a gap analysis between the Directory Inventory and the IDM Target;
• Developing a roadmap including budget estimates;
• Detailed market scan and technical reviews

A key step undertaken by UNIFY Solutions and QDET in developing options to achieve the IDM Target Architecture was the conduct of a series of structured technical interviews and solution reviews with the leading IDM vendors and Solution Integrators. The output from the technical interviews was used to create a functional fit against the business and technical requirements. Having access to UNIFY’s technical IDM specialists with a deep understanding of each of the vendor products strengths and weaknesses was invaluable in determining the functional fit.

Identity Registration

The system would provide user registration, streamlined security and authentication processes, access rights and restrictions, account profiles, passwords, and other attributes required to support a ‘single student record’ and provide students, teachers, staff and eventually parents with a secure, simplified access to information and services appropriate to their role.

This enabled the IDM Program to be initiated as part of the wider departmental digital strategy with a clear, causal link between IDM and the delivery of the core business of the Department. Without this strong and compelling connection the IDM Program and sub- projects risked delays, budget reduction and scale back especially as the implementation was scheduled across multiple years and budget cycles and eventually changes of government. All programs and initiatives at the scale, complexity and risk of an enterprise IDM program will eventually come before the organisation’s executive board of management for sign-off, initiation and review. Executive boards and budget committees are under constant pressure to reduce back office costs, improve efficiencies and focus resources on core business delivery and front line services or products. Any expenditure in areas not considered core and critical to the success of the organisation are inevitably targeted for reduction.

In the context of the Department at the time the Smart Classrooms strategy was being developed there were over 2600 directories and 1300 authoritative sources as a result of multiple, local split networks at every location and separate instances of the student management system for each school. Teachers were reporting that new user accounts took weeks to create with separate identities required to access each of the major learning and administration systems.

As Is IDM Architecture

In response to this complex, distributed, unmanaged environment, a future state IDM system was defined as an integrated system of business processes, policies and technologies that would enable teachers, students and staff access to departmental applications and resources — while protecting confidential student, staff personal and business information from unauthorised access.

Identity Management (IDM) implementations in any organisation is a technically complex, high risk activity let alone an education jurisdiction with over 600,000 student and staff identities located in over 1500 locations spanning a 2300 km footprint across Queensland. Implementations are resource intensive, spawning multiple projects usually executed over successive years that directly impact the core frontline and business systems of the organisation. In 2005 the Department launched the Smart Classrooms Strategy – a digital blueprint for the future of teaching and learning over the coming decade and beyond. The core of the vision was the personalisation of teaching and learning in order to lift student outcomes. The strategy was predicated on providing teachers, students and staff with increased access to online information, services and tools to personalise the learning for every student leading to improved student outcomes.