Identity Improvement Programme: Trinity term 2026
Work this term centres on strengthening foundations and preparing identity services to scale across the University
Sustainable ways of working
The transition from programme to ongoing service continues, with a stronger focus on service readiness and repeatability. This includes strengthening product and service practices, defining measures of success, and embedding consistent approaches to evaluation and prioritisation.
Day-to-day service operations are improving through clearer ownership, better cross-team working, and regular review points. Ownership is now agreed for priority services, with review points shaping direction and refining priorities as services mature.
All work is aligned to real-world needs and service outcomes.
A shared direction for identity services
This work reinforces a shared direction for identity services within the wider digital landscape. Identity services are positioned as a foundational enabler for data and access management, enabling data owners to manage access locally within agreed standards.
Collaboration across identity, security and service teams has clarified priorities and dependencies. This helps teams focus on where identity services underpin access, rather than duplicating controls in individual systems.
Expanding groups and access management
This term will expand the use of owner-maintained groups, where access is managed through group membership rather than individual permissions, building confidence in group-based access as a scalable default approach.
Early use of the group request process shows demand where the same access rules apply across several systems, particularly in research and administrative services spanning multiple platforms. So far, the pilot has completed 42 requests for groups.
Follow-up interviews show that owner-maintained groups are particularly useful within SharePoint, both for managing permissions and enabling audience targeting of content. The pilot groups are also used for access management in apps, controlling administrative access to the new Microsoft Fabric data platform.
Priorities include learning from early use, improving processes and guidance, and extending adoption across services. Work is also progressing on roll-up group patterns, where groups can be combined to manage access at scale.
In parallel, identity attributes are being examined to support more automated group membership and access decisions. This approach balances local flexibility with clearer ownership, shared standards and improved visibility.
Governance to support scale
Work this term strengthens governance and decision-making through policy development, improved transparency, and reporting on performance and outcomes.
This includes defining how identity data and attributes are structured, governed and reused to support consistent and trusted services at scale.
Expected outcomes this term
By the end of Trinity term, stakeholders should expect to see:
- Stronger, more consistent identity service operations, with clearer service practices and review points in place
- Clear ownership and accountability for priority identity services, supporting the transition from programme delivery to sustainable service
- Wider use of group-based access management, reducing reliance on individual permissions
- Early, repeatable patterns for scaling access using roll-up groups and identity attributes
- Improved governance and clarity on identity data and standards, supporting trusted reuse across services
- More opportunities to engage, learn and influence direction as identity services expand and mature
Next steps and getting involved
The programme will continue design and planning for the attribute architecture, develop guidance on requesting and using attributes, and refine governance and tooling based on feedback.
IT Support Staff (ITSS) and project teams should engage if they are designing or updating services that use identity data, manage access or roles, or store people data locally. Contact digital.identity@admin.ox.ac.uk
Overall, Trinity term marks a shift from building and piloting identity capabilities to embedding and scaling them as dependable, University-wide services.