IGA or identity governance and administration. The overview does this. So to speak the traditional core component of identity and access management, even while I should say that more and more focuses on the access management piece. So enabling access, doing the authentications, et cetera, but IGA is important. It is a core element and it will remain core element of IM infrastructures. So what is it about it's an integrated solution, which usually is of which supports two areas, which is identity, lifecycle management, or identity provisioning and access governance.
So these are two elements. And when we would go back into history of identity access management, we would see that there's capabilities commonly separate. So we had identity life cycle management, identity provisioning way earlier than access governance. Access governance started then with separate solutions over time. Most vendors switched to an integrated approach, which is today called IGA. So it's one IGA system covering both areas. They share these capabilities, shares a common set of capabilities, such as a consistent UI, integrated auditing and reporting and workflows. And also they share usually the connectors, even while I have a dotted line here, which says there might be also a separate type of access for the current entitlements from various systems specifically when you don't have a connector for the life cycle and provisioning, they are built to support both the key I management process, such as try and someone joining your organization, mover someone, changing his job and lever someone leaving your organization, as well as the approvals for access request and the access reviews to enforcing a least privilege principle. And that set the core element. So what are the main capabilities of I T in a very high level perspective,
It is connectors to boost source systems such as HR for importing data or to data integration platforms. It is about connectors to target systems, such as SAS systems, such as SAP, such as active directory, Microsoft Azure, active directory, and many others. So they connect sources and the targets support, automated provisioning, flows, support workflows for the access request and approval and for supporting the access review. So they have a structured access review campaign. They support of flexible entitlement model. I should do that for instance, roles and other concepts, two tier role models, three tier role models, grouping as flexible as can, they should be. And they support access review capabilities, which is one of, of the main capabilities of access governance to ensure that users don't have more access than they should have. Last, not least more and more of the systems also come with some form of access intelligence, further analyzes of the access risks of iden of identifying higher risk entitlements.
