Term · 4. Roles, Policies & Access Rights
Application Access Governance AAG
Definition
Application-specific identity governance — managing entitlements within a specific application (Salesforce, SAP, Workday). Includes role design, access certification, SoD enforcement, and audit reporting at application level. Often handled by application-specific add-ons (e.g., SailPoint Application Access Governance for SAP).
- Synonyms
-
- In-Application Access Governance
- AAG
- Application
- Regulatory: Gartner Magic Quadrant / Hype Cycle
- Standards & regulations
-
- Gartner
Related terms
-
Role Mining (RM)
Analytical process of discovering role patterns by analyzing existing access data — clustering users with similar entitl …
-
Access Request Process
Access Request Process is the structured set of steps through which a subject (such as a user, service account, or appli …
-
Approval Workflow
An **approval workflow** is a predefined sequence of tasks and decision steps in which one or more designated actors rev …
-
Birthright (BR)
Baseline access granted automatically to every identity of a specific type — typically minimal access required to functi …
-
Delegated Administration (DA)
Permission model where administrators delegate specific management functions to other users within scoped boundaries — t …
-
Role Assignment (RA)
Specific instance of assigning a role to an identity — captures who, when, why, with what expiration. Direct (manually r …