This paper sets out to share BT's leadership and experience by determining the identity management opportunities and issues, then document the lessons learnt in previous deployments and recommend strategies for all types and sizes of organisation. Today's ICT environment has created a mixed approach to access management across sectors. Browser-based any time, anywhere, anyone access, coupled with the business need to access more systems and services across a changing infrastructure of distributed platforms and networked services, has changed the administrative landscape. Enterprises are being forced to add administrative support staff or invest in technology-driven process change. At the same time, users are undergoing significant change, creating new expectations in service quality. Moreover, regulatory bodies are demanding confirmation that processes granting access are controlled and documented. In this world of increasing demands, complexity and expectation, the service management tools, techniques and options available to improve user access management are as varied and numerous as the issues faced by management in their deployment. Identity management is widely heralded as an opportunity to improve the end user experience, reduce costs, improve security and deliver regulatory compliance — but is often misunderstood. Projects regularly fail to achieve the expected benefits. These failures are the result of expectations being inappropriately set, deployment of solutions turning out to be more complex or taking longer than expected, and/or products selected before required functionality has been determined. For the larger more mature organisations, or those organisations that are the amalgamation of mergers and acquisitions, the dilemma is where to start and what approach to take.