Access Governance, also known as Identity Governance, is the process of monitoring and controlling who within your organization has access to what information, when and how. It is often confused with access management, however access governance extends beyond merely managing access rights to include defining the security processes and policies that can impact an organisation’s management of data assets.
Access Governance refers to policies, tools and services used to combat unnecessary permissions and enforce appropriate access to digital resources and sensitive information. Ensuring that users only have access rights that are absolutely necessary for their role (a concept also known as the Principle Of Least Privilege, or ‘POLP’) reduces the risk of cyberattacks that exploit excessive access privileges and helps organisations meet increasingly strict compliance standards for privacy and data protection.