Term · 3. Account Management & Provisioning

HR Policy

IDM/IGA Domain

Definition

Policies governing identity lifecycle based on HR data — what triggers provisioning, what role mapping applies, what approval is needed for exceptions. Examples: «contractors get standard contractor profile + 90-day expiry», «promotion triggers re-certification of access», «termination triggers immediate session termination across all systems».

Application: Codified in IGA platforms as workflow rules, role assignments, and policy decisions. Often co-owned by HR (process owner) and IT/Security (technical implementation). Foundation for SOX, SOC 2, and ISO 27001 access management evidence.

Related terms

Audit

Independent examination of identity controls, processes, and records to verify compliance with policy and regulatory req …
Compliance

Adherence to applicable laws, regulations, standards, and internal policies governing identity and access management. Co …
Identity Governance (IG)

Discipline of policies, processes, and oversight ensuring identities have appropriate access — no more, no less — throug …
Access Certification (AC)

Periodic review process where designated reviewers (managers, role owners, application owners) attest that users still n …
Entitlement Creep

Gradual accumulation of access rights beyond what's needed for current job, as users change roles without losing prior a …
Internal Control (IC)

Process or mechanism implemented by management to provide reasonable assurance regarding effectiveness of operations, re …

← Back to glossary · Open in main list