Identity Governance enables organizations to define policies that regulate and control the exchange of identity information between application systems both internally and with external partners.
Identity governance provides tools for managing roles. Where identity management focuses on the lifecycle of a user, roles (technical to business) also have a life cycle to manage. The roles associated with a person evolve and it is important to review assigned roles regularly. Left unmanaged, accounts continue to gather entitlements which leads to accounts with access to multiple resources that they might no longer need (privilege creep).
Identity governance tools typically offer the following capabilities: