Term · 1. Core IAM
Identity and Access Management IAM
Definition
Umbrella discipline covering identity creation/management, authentication, authorization, and audit across an organization. Encompasses subcategories: IDM (directory + provisioning), IGA (governance + lifecycle workflows), PAM (privileged access), CIAM (customer identity), AM (access management), and emerging ITDR/ISPM (identity security).
- Application
- MidPoint: Identity and access management (IAM) is a field concerned with managing identities (e.g.
SailPoint: SailPoint Identity Security Cloud (ISC) — full IAM SaaS platform
- Standards & regulations
-
- NIST SP 1800-2 «Identity and Access Management (IdAM) is the discipline that enables the right individuals to access the right resources at the right times for the right reasons.»
- NIST SP 800-207 «Identity and access management: The process of granting authorized users the right to use a service, while preventing access to non-authorized users.»
- Sources
-
- NIST SP 1800-2 (csrc.nist.gov) primary source
Related terms
-
Access Management (AM)
Discipline of granting and enforcing access to resources after identity has been established. Encompasses authentication …
-
CIAM (CIAM)
Customer Identity and Access Management — specialized IAM for managing customer (not employee) identities. Differs from …
-
Digital Identity (DI)
Set of attributes, credentials, and identifiers that uniquely represent a person or non-human entity in digital systems. …
-
Entity
Anything that can be assigned a digital identity and act in systems — humans, service accounts, API clients, AI agents, …
-
Identity Governance (IG)
Discipline of policies, processes, and oversight ensuring identities have appropriate access — no more, no less — throug …
-
Identity Governance and Administration (IGA)
Gartner-defined category combining identity governance (policies, access reviews, compliance) with administration (provi …