GRC Evolution

Home | GRC | GRC Evolution

Definitions change. Requirements too. What once began as Identity Management is much more effective today.

It is not always strictly interpreted what the department can do for an organization today. This means that the terms are also used differently. We want to counteract the general confusion and show here the evolution from the former IDM to today’s GRC, the highest evolutionary level.

[

IDM

Identity Management

Digital identities

-> Objective: the reduction of user administration

\

IAM

Identity & Access Management

+Creation of role models

-> Objective: to simplify the assignment of access and rights

_

IAG

Identity Access Governance

+Approval processes

+Validations of authorizations

+Traceability of authorizations

-> Objective: the enforcement of guidelines and adherence to compliance

c

IGA

Identity Governance & Administration

“Gartner” definition: merging of two magic quadrants:

User administration & provisioning

Identity & Access Governance

-> Objective: the merger of several supplier products

GRC

Governance, Risk Management & Compliance

Summary of the three most important levels of action:

IT Governance

IT Risk Managament

Compliance

Centralization of the complete identity life cycle

Extensive automation

-> Objective: consistent information security