Access governance is an aspect of information technology (IT) security management that seeks to reduce the risks associated with end users who have unnecessary access privileges.

An important goal of access governance is to reduce the cost and effort that’s involved in overseeing and enforcing access policies and management procedures, including recertification. Many access governance software applications combine with Identity and Management capabilities, enforcing a standard set of access rights for business roles while remaining flexible enough to accommodate the needs of super users.