Most IAM buying guides are written for enterprise IT teams with six-figure budgets and a dedicated identity engineer. This one isn't.
If you're running IT for a municipality, a healthcare services company, or a mid-sized European organisation, and you're tired of onboarding taking three days, offboarding being a fire drill, and audits turning into a week of manual report-pulling, this is for you.
Start with the problem, not the feature list
The right question isn't "which platform has the most integrations?" It's: where is your team losing the most time right now?
For most organisations we talk to, it's one of four things:
-
New hires waiting days for access that should have been ready on day one
-
Departed employees whose accounts and licences are still active
-
One person in IT who's the only one who knows how everything connects
-
An upcoming audit with no clean way to show who has access to what
A good IAM platform solves all four. If a vendor leads with AI features or a 200-item integration list instead of addressing these, keep walking.
What actually matters when evaluating platforms
Compliance isn't a checklist, it's a log
NIS2 (in effect in Sweden since January 2026) and GDPR both require you to demonstrate control over who accesses what, and when. That means immutable audit logs you can actually export and present, not a compliance badge on a marketing page.
When you're in a vendor demo, ask to see what an audit report looks like. If they have to call in an engineer to show you, that's your answer.
"European" doesn't just mean "supports Entra"
Any platform supports Microsoft Entra. The real test is whether the platform handles your HR system, Visma, SD Worx, Unit4, Peple, and, if you're in education, whether it understands school administrative systems.
Integration depth matters more than integration count. Can the platform provision access based on HR attributes like department, location, and contract type? Does it sync in near real-time, or batch overnight? Ask specifically about the systems you actually use, not the logos on the vendor's integration page.
No-code is a real test
During your evaluation, ask the vendor to step back and let someone from your team, not their engineer, configure a workflow. If that's not possible in a demo environment, it won't be possible in production either. You'll end up dependent on paid services every time you need to make a change.
The right tool should feel like something your team owns, not something you rent someone else's expertise to operate.
Fast to live means something
Vague timelines are a warning sign. Ask for a realistic go-live estimate with a similar customer as a reference point. Then ask that reference customer directly. The difference between what vendors promise and what customers experience is usually where implementation risk hides.
The ROI case is simpler than the whitepapers suggest
You don't need a complex model. Three numbers do most of the work:
Time recovered. How many hours per month does your IT team spend on manual joiner/leaver work, creating accounts, adjusting access, chasing down offboarding? Multiply by your loaded cost rate. Most organisations find they're spending more than they realise.
Licences reclaimed. How many active licences belong to people who've left? Audit your HR system against your active accounts. The gap is usually 10–15%, and it's money you're paying right now for nothing.
Audit cost avoided. How long does an access review or audit take today, and what would it take if you had clean, exportable logs? For organisations with NIS2 obligations, this number alone often justifies the investment.
If the sum of those three numbers doesn't obviously cover the platform cost, the platform probably isn't right for your situation, or it's being priced wrong.
A note on vendor credibility
"Are you a serious vendor?" is a fair question to ask, and you should ask it. Identum is part of Visma — one of Europe's largest software groups — which answers the financial stability question without much further discussion.
But more relevant to your day-to-day: 73% of Norwegian municipalities use Identum for student IAM, and 210 use it for workforce IAM. That's not a marketing statistic. That's the infrastructure running in hundreds of IT departments like yours, in the same regulatory environment, with many of the same HR systems and target applications.
When Bjørnafjorden municipality (1,800 employees) automated their onboarding and offboarding with Identum, their IT manager put it plainly: "We have automated processes, and we have full control over access and licenses. It has simply become a more streamlined and efficient everyday life for us in the IT department."
That's the bar. Not transformation. Just a more streamlined everyday life.