Daniel Poliquin: Organizations often approach identity and access governance as a technology project when its really a business transformation program. A steering committee made up of business leaders who have skin in the game can provide ongoing guidance to the project sponsor. To make lasting change and truly reduce business risk, people across the organization have to alter what they are doing and, most importantly, understand why they’re doing it. The goal is to get the final users to embrace it and influence their peers.”]
Source: https://securityintelligence.com/identity-and-access-governance-lessons-from-the-front-line/