With the loss of a physical perimeter in protecting applications and data from external and internal threats, the “people” domain of Zero Trust eXtended (ZTX) is one of the most dynamically changing and growing areas. ZTX IAM is a mosaic of identity management and access governance, web access management, privileged identity management, data identity, directory infrastructure, and identity-as-a-service (IDaaS) for workforce and consumer architectures and solutions. In this report, we look at major IAM areas and highlight best practices for S&R professionals to repeatably and robustly implement Zero Trust in the people domain.