Access Management should be utilized for providing/modifying and removing access rights to agreed services documented within the Service Catalog. The following definitions describe the major concepts involved with the process:
* Access: Refers to the level and extent of a service’s functionality or data that a user is entitled to use.
* Identity: Refers to the information about them that distinguishes them as an individual and which verifies their status within the organization. By definition, the identity of the user is unique to that user.
* Rights: (Also called privileges) refer to the actual settings whereby a user is provided access to a service or group of services. Typical rights, or levels of access, include read, write, execute, change, delete.
* Services or service groups: Instead of providing access to each service for each user separately, it is more efficient to be able to grant each user access to a whole set of services that they are entitled to use at the same time.
* Directory of services: Refers to a specific type of tool that is used to manage access and rights.