    Identity Governance Flashcards

    Test your understanding of the Identity Governance module.

    Question

    What is Identity Governance?

    Answer

    The discipline of ensuring that the right people have the right access to the right resources — and that this access is properly controlled, reviewed, and auditable. It provides the accountability layer of IAM.

    Question

    What are the four phases of the identity lifecycle?

    Answer

    Joiner (account creation, role assignment), Mover (role changes, transfers, promotions), Leaver (account deactivation, data handover), and Rehire (account restoration, entitlement review).

    Question

    What is access certification?

    Answer

    Periodic reviews where managers and resource owners validate whether users still need their current access. Certification campaigns are the primary mechanism for detecting and remediating privilege creep.

    Question

    What is Segregation of Duties (SoD)?

    Answer

    Policies that prevent any single individual from holding conflicting permissions that could enable fraud or abuse. SoD analysis detects toxic permission combinations across all of a user's roles and entitlements.

    Question

    What is role mining?

    Answer

    The process of discovering natural role groupings from existing access data. Role mining analyses current user entitlements to identify patterns that can be used to design a role-based access control model.

    Question

    What are the consequences of inadequate identity governance?

    Answer

    SOX violations, GDPR fines, insider fraud, data breaches, and the inability to answer the most basic audit question: "Who has access to what, and is that access appropriate?"

    Question

    What is identity analytics?

    Answer

    Advanced analytics that detect anomalies in identity behaviour — dormant accounts, unusual access patterns, privilege escalation, and potential insider threats. Analytics transform IGA from reactive compliance into proactive security.

    Question

    What is the relationship between IGA and GRC?

    Answer

    IGA is the governance pillar of GRC (Governance, Risk, and Compliance). It provides the data and controls that feed risk management (which access combinations create risk) and compliance (proving access is appropriately controlled).

    Question

    What are the key capabilities of an IGA platform?

    Answer

    Identity lifecycle management, access certification campaigns, segregation of duties analysis, role management and mining, identity analytics, self-service access requests, compliance reporting, and policy enforcement.

    Question

    What compliance frameworks require identity governance controls?

    Answer

    SOX (Section 404 — internal controls), GDPR (Article 5 — accountability), HIPAA (access control for ePHI), PCI DSS v4.0 (Requirement 7/9 — need-to-know and access review), ISO 27001 (A.9.2 — user access provisioning and review), and NIST SP 800-53 (AC-2 — account management).

    Question

    What is self-service IAM in the context of governance?

    Answer

    Access requests, approval workflows, password management, and user experience features that allow users to request and manage their own access while maintaining governance controls through automated approval chains.

    Question

    What is privilege creep and how is it detected?

    Answer

    Privilege creep is the gradual accumulation of excessive permissions over time as users change roles. It is detected through regular access certification campaigns and identity analytics that flag users with permissions exceeding their current role requirements.

    Tip

    Review any cards you got wrong by navigating to the corresponding module page for a deeper explanation.