Identity Glossary

Identity Governance and Administration (IGA)

A neutral definition of Identity Governance and Administration: the lifecycle and certification workflows it runs, and the data those workflows depend on.

What Is Identity Governance and Administration?

Identity Governance and Administration (IGA) is a workflow engine for managing the identity lifecycle at scale: provisioning access when someone joins or changes roles, running structured access-request and approval chains, and certifying that existing access is still appropriate on a recurring cadence. IGA platforms typically integrate with HR systems as the source of truth for who should have access to what, then automate the provisioning and deprovisioning that follows.

The most common IGA deliverable is the access certification campaign: a periodic review where managers or application owners confirm that each identity’s access is still needed, and revoke what isn’t. Done well, this closes the gap between what access someone has and what access they should have.

IGA governs the identities it has been onboarded to manage, typically through a connector to a directory, HR system, or application. An identity that was never provisioned through one of those paths, a local account, an unmanaged service account, an account created outside a standard workflow, generally isn’t in scope for IGA’s certification campaigns at all.

Share

The Core Capabilities of IGA

Most IGA platforms are built around five core functions.

1

Provisioning & Deprovisioning

Automatically granting or removing access based on HR events: a new hire, a role change, a termination.

2

Access Requests

Structured workflows for requesting new access, with approval chains routed to the right owner.

3

Certification Campaigns

Periodic, recurring reviews where managers or application owners confirm access is still needed.

4

Joiner-Mover-Leaver Automation

Triggering the right provisioning or deprovisioning action automatically as someone’s employment status changes.

5

Policy & Role Management

Defining standard access bundles (roles) and the policies (segregation-of-duties rules, approval requirements) that govern them.

Frequently Asked Questions

See the Identity System of Record in Action

Hydden discovers, reconciles, and continuously governs every identity — human, machine, and agentic — across your enterprise.

Hydden Logo

Hydden, Inc.

1701 Rhode Island Ave NW, 4th Floor

Washington, DC 20036

SOC 2 Type 2 Certified

Stay Updated

Sign up to be the first to know about important company and product updates

© 2026 Hydden Inc. All rights reserved.Privacy PolicyTerms of Service