Sometimes abbreviated to IAM, identity and access management refers to all of the policies, processes, procedures and applications that help an organization manage access to information.
Best practices and important rules such as Sarbanes-Oxley (SOX) in corporate governance, the Health Information Portability and Accountability Act (HIPAA) in healthcare, and the Gramm-Leach-Bliley Act (GLBA) in financial services all require organizations to escalate protection of certain kinds of records. And yet, information must be available to the people who need it. Large organizations need to tie risk analysis and policy development to sophisticated applications that can help them empower employees, investors, customers, partners and many others.
Specific concepts, standards and applications that help with identity and access management include authentication, user life-cycle maintenance, federated identity, single sign-on, provisioning and Role Based Access Control (RBAC).