What is identity governance and administration?

Understanding Identity Governance and Administration (IGA) systems

Identity Governance and Administration (IGA) systems

Identity Governance and Administration (IGA) joins the list of acronyms along with IAM, PAM, and UAM. The term gained acceptance in 2013 after Gartner merged two of its Magic Quadrants–one addressing Identity Governance and the other Identity Administration–into the Magic Quadrant for Identity Governance and Administration.

IGA systems merge identity administration, which addresses administering accounts and credentials, provisioning, and managing entitlements, with identity governance, which addresses the segregation of duties, role management, logging, and analytics and reporting.

IGA systems provide additional functionality beyond standard Identity and Access Management (IAM) systems. In particular, they help organizations meet compliance requirements and enable them to audit access for compliance reporting. They also automate workflows for tasks such as access approvals and provisioning/de-provisioning.

Elements of IGA Systems

Identity governance and administration tools help handle user identity lifecycle management. IGA systems generally include these elements for identity administration:

  • Password management Through tools like password vaults or, more often, Single Sign-On (SSO), IGAs ensure users don’t have to remember many different passwords to access applications.
  • Integrations Connectors to integrate with directories and other systems that contain information about users and the applications and systems they have access to as well as their authorization in those systems.
  • Access request management Workflows that make it easier for users to request access to applications and systems and get approvals.
  • Provisioning Automated provisioning and de-provisioning at both the user and application level.
  • Entitlement management Ability to specify and verify what people are allowed to do in various applications (such as add, edit, view, or delete data).

IGA systems generally include these elements for governance administration:

  • Segregation of duties Create rules that prevent risky sets of access from being granted to a person. For example, the ability to both view a corporate bank account and transfer funds to outside accounts (which might enable a user to transfer money to a personal account).
  • Access review Tools that streamlines the review and verification (or revocation) of users access to different apps and resources. Some IDG tools provide discovery features that help identify entitlements that have been granted and surface them.
  • Role-based management Defining and managing access through user roles.
  • Analytics and reporting Tools that log activities, generate reports (including for compliance) and provide analytics to identify issues and optimizations.

Thank you! We have received your details. Our sales teams will reach out to you shortly.

We’re passing along your contact information to our experts.

Something went wrong, please try again.

See Demo of OneLogin

All Fields RequiredFields Required*

  • Please enter your first name
  • Please enter your last name
  • Please enter company name
  • Please enter your job title
  • Please select number of employees
  • Note: Please enter a work email address only as we DO NOT accept web-mail addresses (gmail, yahoo, hotmail, etc.)

    Is that a correct business email address?
  • Please enter your phone number
  • By completing and submitting this form, I agree to the storing and processing of my personal data by OneLogin as described in our Terms of Service and Privacy Policy.

Related Resources:

Identity Management Compliance

Close the loop on identity compliance with intelligent identity analytics and policy reporting.

Learn More

1 Simple Step to Comply with EU DPD, GDPR, and Other Regulations

OneLogin’s Custom Terms and Conditions feature requires users to agree to a set of rules before logging into the portal.

Learn More

OneLogin Access

Learn how OneLogin Access can help simply manage access in complex hybrid environments.

Learn More