The Certified Identity and Access Manager® (CIAM) designation is a registered program developed for professionals who manage identity risks and user access to systems.
Identity and Access Management (IAM) is the most important discipline of information security which aims to manage user identities and access to enterprise resources and data. IAM governance and programs including policies, processes, and technologies manage user identities and define what they can access and do within a system through identification, authentication, approved access rights, and activity monitoring.
CIAM® professionals continuously assess their organizations’ existing capabilities in the identity lifecycle to prioritize business investments, close compliance or control gaps, and identify process improvements to reduce costs.
Watch this video to learn more about the Certified Identity and Access Manager (CIAM)® program:
Interested IMI members can earn the CIAM designation in one of two ways. Qualified candidates may become a CIAM without an examination by demonstrating knowledge and experience or by applying for a study guide and passing an examination. Apply for IMI membership and submit a CIAM application to get started.
Interested candidates who do not qualify for an examination waiver and must earn the CIAM designation with an examination can take a practice test to see what they can expect from the CIAM training program and its final examination which consists of 100 similar questions.
Identity and Access Management
The image below illustrates identity and access management processes and activities which define the scope of the CIAM program.
Challenges and Opportunities
Although technology is an important part of identity and access management, adopted solutions in the past have often focused on just technologies which were poorly designed and implemented resulting in high costs and limited value. Organizations often struggled to meet compliance demands, and the solutions were deployed to manage limited number of systems.
As companies become more aware of the urgent need for managing identity and access management risks, meeting compliance requirements, and countering various threats facing their organizations such as cyber crime, the benefits of implementing an effective IAM program and technology, as well as employing highly skilled Certified Identity and Access Manager professionals become apparent and are brought to the forefront for managing risks.
The following are several areas and business risks which demand that companies embrace IAM programs, skilled professionals, and technologies:
- Mobile Computing
- Cloud Computing
- Connected Devices
- Social Media
- Big Data
- Data Loss and Theft
- Identity Theft
- Cyber Crime & Terrorism
From a regulatory compliance standpoint, there are many overlapping laws pertaining to customer identification, privacy, transaction monitoring, government reporting, and fraud prevention that companies must manage as effectively and efficiently as possible. For example, companies are required to establish a formal Customer Identification Program (CIP), monitor account activities, ensure the security of customer information, report suspicious activities, and prevent identity fraud.
Although, identity and access management processes are critical for protecting consumer information and complying with privacy and other regulations, IAM is evolving beyond compliance to become a risk-based function that can help an organization achieve competitive advantage through state of the art technology such as biometric authentication, lower operating costs, increased efficiency, and reduced risk of security breaches.
Critical Risk Domains™
Identity Management Institute is the independent international organization which developed and administers the CIAM® designation and uses Critical Risk Domains™ (CRDs) to maintain the CIAM program, define the identity risk universe, promote best identity and access management practices, and certify professionals worldwide.The following are Critical Risk Domains (CRDs) for the CIAM program:
- Strategy and Governance
- Program Management
- Lifecycle and Transformation
- Access Request and Approval
- Provisioning and De-Provisioning
- Auditing and Reporting
- Access Review and Certification
- Account Reconciliation
Who Should Become a CIAM
Identity Management Institute members who earn the CIAM professional designation are identity and access management experts who work for a variety of government agencies, businesses, and technology companies worldwide to design, implement, improve, or manage identity and access management programs, processes, and tools.
Identity and access management risks continue to evolve worldwide as new threats and solutions are introduced, and laws are implemented. Specifically, cyber crime, identity theft, and related fraud are on the rise and various governments are scrambling to address privacy and manage risks through regulations. A CIAM designation validates professionals’ qualifications for helping their organizations meet compliance requirements and managing identity and access management risks which can affect the integrity, availability, or confidentiality of systems and data. System and network security controls alone can not protect an organization’s critical assets if identity and access management controls are weak or do not exist.
A CIAM designation and IMI membership also illustrate the fact that certified members value professional involvement, maintain an interest in identity and access management topics, have relevant professional experience, and contribute to their profession.
The CIAM application fee is $195 for current IMI members who apply and qualify for exam waiver based on past experience, education, and other professional certifications. The fees for becoming CIAM with an examination is $295. Click below to see if you qualify for an exam waiver and apply.
IMI uses PayPal and other third party credit card processors to request and receive international credit card payments after applications are received. Alternatively, candidates may mail a cashier’s or company check.