IGA (Identity Governance & Administration)
The discipline of governing the full identity lifecycle at enterprise scale — including birthright provisioning (new hire automatically gets the right access on day one), access reviews (managers / data owners periodically certify who has access to what), Separation-of-Duties (SOD) policy enforcement (no single user should have conflicting roles), and joiner/mover/leaver workflow.
IGA sits *above* the IAM directory layer (Okta, Entra ID, AD) — those systems hold identity records and authenticate users; IGA orchestrates the workflows around lifecycle changes and the recertification of access. The dominant IGA platforms in the Fortune 500 are SailPoint (sail-point-rest), Saviynt, and Oracle Identity Governance.
In an AE Guardian deployment, IGA matters because SailPoint is typically the upstream system of record for identity lifecycle, and AE Guardian acts as the downstream PIAM consumer. SailPoint owns "is this user actively employed and entitled to access" — AE Guardian receives that signal and drives PACS / IAM / network provisioning accordingly.
What other systems call it
Per-vendor / per-standard terminology for this same concept.
| System | Term / Notes |
|---|---|
 AlertEnterprise | IGA upstream consumer for PIAM workflows |
| SASailPoint | SailPoint Identity Security Cloud — dominant IGA platform |
Used by 1 connector
Connectors in the catalog that reference this concept.