Explanation of terms

Identity governance and administration (IGA) refers to the area of Identity & Access Management (IAM) that focuses on the control, traceability and automation of user identities and access rights. While IAM enables access, IGA ensures that this access meets security and compliance requirements.

Functions and objectives of IGA

• Automation of user processes: e.g. provisioning, role assignment, onboarding and offboarding
• Governance and compliance: e.g. through access certifications, policy controls and audit trails
• Risk reduction: by avoiding excessive or outdated authorizations
• Transparency and control: clear insight into "who has access to what - and why?"

When is IGA used?

IGA is used when organizations want to control access across multiple systems in a secure and traceable manner, whether in the cloud, on-prem or in hybrid environments. Especially in regulated industries (e.g. finance, healthcare), IGA is a key building block for auditability and legally compliant identity management.

What are the concrete benefits of IGA?

Identity Governance & Administration (IGA) is particularly relevant for companies and organizations that:

• are subject to high regulatory requirements (e.g. financial sector, insurance, energy, healthcare)
• Manage a large number of employees, partners or external identities
• work with critical or sensitive systems and data
• operate complex IT landscapes with many systems, roles and locations
• must meet strict requirements for auditability, transparency and risk minimization

IT security officers, compliance teams, audit and governance units as well as HR and specialist departments in particular benefit directly from IGA. They can use central processes to ensure that access is granted, checked and withdrawn correctly.