Identity lifecycle management is the process of creating, updating, governing, and removing identities and access as users join, change roles, and leave an organization. It matters because stale or inappropriate access often appears when identity changes are not handled consistently.
What is Identity Lifecycle Management?
Identity lifecycle management covers provisioning, modification, suspension, deprovisioning, and review of user and service identities across systems. It helps ensure that access reflects real business need over time rather than accumulating through drift.
What Identity Lifecycle Management Commonly Includes
Common activities include joiner-mover-leaver workflows, approvals, automatic provisioning, timely deprovisioning, role changes, and coordination with HR or authoritative identity sources.
Identity Lifecycle Management vs. Access Review
Lifecycle management handles access changes operationally over time. Access review validates whether granted access is still appropriate at a point in time.
Frequently Asked Questions
Why is identity lifecycle management important?
Because access that is not updated when people change roles or leave the organization becomes a major source of hidden risk.
Does lifecycle management only apply to employees?
No. It also matters for contractors, vendors, service accounts, and other non-human identities.
Related Cybersecurity Terms
