Here's a few from me in Letterman top 10 list style (note: I realise some of these are longer than "snappy one-liners" if you include the explanations but I figured it was better being clear than leaving everyone scratching their heads):
10. Exec can haz light saber
If you don't get business buy-in and an executive sponsor (with a big light saber they can pull out when required), the chances that your Identity Management project will succeed are significantly reduced (note: this one's true of most IT projects, but it's especially important in this context because Identity Management projects typically touch every single department).
9. An internal a** needs to be on the line
An internal person needs to own the project and be accountable. Don't pretend everything will be fine by assuming the vendor and service provider know how your business processes work.
8. Big bang will blow up
Take a phased approach to Identity Management, not a "big bang" one.
7. Go for the quick visible win first
Solutions that visibly improve the end user experience will go a long way towards the project being viewed as a success (note: this is actually the way the single sign-on products are typically sold, but it can apply to other types of Identity Management solutions as well).
6. The vendor should catch any S*** splattered from the fan
The core Identity Management technologies are largely commoditised. Pick a vendor that will stick around when the S*** hits the fan, not the one with the shiniest new toy.
5. "The grad got hit by a bus? No problem, here's another one we hired last week" is not the right answer
Pick an implementation partner with real expertise, not one that knows how to hire a shed-load of University graduates and send them on product training before promptly rolling them onto your project and charging them out at a rate that is 10 times the amount they actually get paid (I'm looking at you Accenture, Deloitte, IBM GBS et al).
4. Entitlement Management is not a new concept
It's just a fancy-schmancy name for fine-grained access management, which has been around for years. People are just getting around to worrying about fine-grained stuff because they've already implemented some sort of web access management product.
3. You probably don't need the whole suite of products
If the sales person tells you that you do and can't explain why, boot their a** out the door. Of course, quite often they'll give you a larger discount for buying the whole lot up front, so you'll need to decide if it's worth the money, given that you could potentially end up with a bunch of shelf-ware.
2. RFPs are a waste of time that won't die
They are a necessary evil that some large organisations need to go through, but vendors fill them in by doing copious amounts of copying and pasting, and the evaluation teams select a shortlist by counting the number of "comply" responses. Why? Because Identity Management projects that need RFPs are too complex to evaluate using a tender process.
1. If you think the software's expensive, wait until you get the bill for the services!
This isn't always true, but unfortunately it's all too common. In short, pick your implementation provider carefully and keep a tight leash on the scope and milestones.