Browse Definitions :
Definition

access governance (AG)

Access governance (AG) is an aspect of information technology (IT) security management that seeks to reduce the risks associated with end users who have unnecessary access privileges. The need for access governance has grown in significance as organizations seek to comply with regulatory compliance mandates and manage risk in a more a strategic manner.

An important goal of access governance is to reduce the cost and effort that’s involved in overseeing and enforcing access policies and management procedures, including recertification. To this effect, access governance software tools can help track access, validate change requests, automate the enforcement of role-based access control (RBAC) or attribute-based access control (ABAC) policies and simplify reporting.

Many access governance software applications combine access control (AC) with identity management capabilities, enforcing a standard set of access rights for business roles while remaining flexible enough to accommodate the needs of super users. Because the software provides transparency, it becomes easier for managers to spot privilege creep and enforce the principle of least privilege (POLP).

In some organizations, the responsibility for access governance is shared by managing members of the organization’s information technology (IT), business and legal teams. Because privileged users continue to serve as a primary vector for security breaches, it’s important for managers to have visibility into access and work together to mitigate risk and decrease the organization’s attack surface. When access governance becomes a cross-departmental effort, the organization becomes better at staying on top of changing regulatory requirements, adhering to internal policies and conducting access reviews on a regular basis. 

This was last updated in October 2016

Continue Reading About access governance (AG)

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • What is cybersecurity?

    Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.

  • private key

    A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt ...

  • DOS (disk operating system)

    A DOS, or disk operating system, is an operating system that runs from a disk drive. The term can also refer to a particular ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • RAID 6

    RAID 6, also known as double-parity RAID, uses two parity stripes on each disk. It allows for two disk failures within the RAID ...

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • NOR flash memory

    NOR flash memory is one of two types of non-volatile storage technologies.

Close