Building a Scalable Identity and Access Management Program with SailPoint

A leading biopharmaceutical company partnered with Osprey Life Sciences to strengthen its Identity and Access Management (IAM) capabilities. With a growing and diverse workforce – including employees, contractors, consultants, and partners – the organization required a more structured, secure, and automated way to manage identity lifecycle events and access control across its enterprise systems.

Challenge:

The company faced multiple identity governance challenges:

1. Inefficient employee and contractor lifecycle management
   Manual processes for onboarding, offboarding, and role changes created delays, introduced risk, and placed an administrative burden on IT and HR teams.
2. Lack of automation in account provisioning
   Provisioning and deprovisioning for downstream applications was slow and error-prone, affecting both user productivity and regulatory compliance.
3. Decentralized identity data and inconsistent governance
   Identity data were scattered across multiple systems with little standardization, making integration and lifecycle tracking difficult.
4. Integration complexity and legacy infrastructure
   Over 200 applications needed to be brought into scope, many lacking standard interfaces, requiring customized solutions and stakeholder coordination.
5. Stakeholder alignment and change management
   A cross-functional approach was required to align IT, HR, Security, and business leaders on IAM strategy and execution priorities.

Solution:

While the client had already selected SailPoint Identity Now, Osprey Life Sciences played a pivotal role in shaping the IAM program strategy and leading execution. Osprey:

• Developed a comprehensive roadmap and project plan for the SailPoint implementation.
• Led cross-functional coordination among business and technical stakeholders.
• Oversaw end-to-end testing to ensure the solution met security and business needs.
• Advised on and sequenced related IAM initiatives such as MFA deployment, Okta optimization, Active Directory cleanup, and privileged access management.
• Supported change management by facilitating structured workshops and clear communication channels to align stakeholders.

Results:

The partnership delivered meaningful outcomes across identity security, compliance, and operational efficiency:

• Broad user impact: Over 3,500 employees and 1,000 contractors now benefit from accurate, timely, and secure access provisioning.
• Automation scale: Integration began for over 200 applications, significantly reducing manual workload and improving accuracy.
• Improved security posture: Automated deprovisioning helped close access gaps for offboarded users, while access certification features supported stronger compliance.
• Operational efficiency: IT and HR teams saw measurable reductions in time spent on manual tasks, enabling them to focus on higher-value work.
• Centralized governance: The organization now has greater visibility into user identities and access rights, improving audit readiness and decision-making.

Client Feedback:

Although the program is still ongoing, feedback has been consistently positive. Osprey Life Sciences provided the structure and leadership we needed to move a complex initiative forward. Their roadmap and prioritization helped bring clarity and direction, and their project management kept us aligned and moving.