Term · 9. Business Processes & Methodology

Role Mining RM

IDM/IGA Domain

AuthZ JML ISO/IEC Introduced by: Gartner Introduced by: KuppingerCole

Definition

Analytical process of discovering role patterns by analyzing existing access data — clustering users with similar entitlements, identifying common entitlement combinations, suggesting candidate roles. Top-down role mining starts from business structure; bottom-up starts from access data. Most deployments use both.

Synonyms

Role Mining

Application: MidPoint: Semi-automated process of detecting and suggesting definition of roles, based on existing data.

Related terms

Application Access Governance (AAG)

Application-specific identity governance — managing entitlements within a specific application (Salesforce, SAP, Workday …
Birthright (BR)

Baseline access granted automatically to every identity of a specific type — typically minimal access required to functi …
Delegated Administration (DA)

Permission model where administrators delegate specific management functions to other users within scoped boundaries — t …
Role Assignment (RA)

Specific instance of assigning a role to an identity — captures who, when, why, with what expiration. Direct (manually r …
Role Creation

Process of defining a new role in the role catalog — naming, description, business owner, included entitlements, approva …
Role Lifecycle Management (RLM)

Discipline of designing, approving, deploying, certifying, modifying, and retiring roles throughout their useful life. I …

← Back to glossary · Open in main list