Identity governance

Identity governance

IBM Security Identity Manager extends the identity management governance capabilities with a focus on operational role management. Using roles simplifies the management of access to IT resources.

Role management Manages user access to resources, but unlike user provisioning, role management does not grant or remove user access. Instead, it sets up a role structure to do it more efficiently.
Entitlement management Simplifies access control by administering and enforcing fine-grained authorizations.
Access certification Provides ongoing review and validation of access to resources at role or entitlement level.
Privileged user management Provides enhanced user administration and monitoring of system or administrator accounts that have elevated privileges.
Separation of duties Prevents and detects business-specific conflicts at role or entitlement level.

These Security Identity Manager features can be augmented by IBM Security Identity Governance for greater governance capabilities.

Parent topic: Features overview

Role management	Manages user access to resources, but unlike user provisioning, role management does not grant or remove user access. Instead, it sets up a role structure to do it more efficiently.
Entitlement management	Simplifies access control by administering and enforcing fine-grained authorizations.
Access certification	Provides ongoing review and validation of access to resources at role or entitlement level.
Privileged user management	Provides enhanced user administration and monitoring of system or administrator accounts that have elevated privileges.
Separation of duties	Prevents and detects business-specific conflicts at role or entitlement level.