Keep up-to-date with ITIL news. Low volume to-the-point bulletins...
ITIL v3 definitions for Access Management
Access Management - The process responsible for allowing Users to make use of IT Services, data or other Assets. Access Management helps to protect the Confidentiality, Integrity and Availability of Assets by ensuring only authorized Users are able to access / modify the Assets.
Access Management is sometimes referred to as Rights Management or Identity Management.
Having provided the definition above we also need to provide the definition an Asset:
Asset - Assets of a Service Provider include anything that could contribute to the delivery of a Service. Types of Assets include:
  • Management
  • Organization
  • Process
  • Knowledge
  • People
  • Information
  • Applications
  • Infrastructure
  • Financial Capital
Access Management is an execution of Security and Availability Management, who are responsible for defining the appropriate roles. Seldom does an 'Access Manager' exist in an organization. It is important to have a single Access Management process and a single set of policies related to managing rights and access. It is likely that the process and polices are defined and maintained by Information Security Management and operated by:
Service Desk - Access requests are generally provided via Service Requests. Service Desk will validate the request by checking it is appropriately approved, the user is a legitimate employee, contractor or customer and qualify for access.
The Service Desk may be delegated responsibility for providing access or may pass to the appropriate team.
The Service Desk communicates with the user when access is granted and provides appropriate support as required.
Technical / Application Management - These teams provide several important roles within the ITIL Lifecycle.
During Service Design ensure mechanisms are created to simplify and control Access Management for each service that is designed, together with specifying how abuse of rights are detected and stopped.
At Service Transition they will test the service to ensure that access can be granted, controlled and prevented as designed.
In Service Operation perform Access Management, ensuring that procedures are defined and executed according to the process and policy requirements. In addition respond to incidents and problems related to Access Management
Provide adequate training to the Service Desk / IT Operations Management, ensuring staff have access to the appropriate tools to enable them to perform the required tasks.
IT Operations Management - It is common for Access Management tasks to be delegated to IT Operations Management. Operators will be tasked for providing or revoking access to key systems or resources. The circumstances under which they do so, and instructions for how to do so, must be included in the Standard Operating Procedures (SOPs).


2018-04-24 by "kashif.saeed"

I would appreciate if you can elaborate the difference between Access Management and Request Management.
Reply on 2018-05-11
Many thanks for your question.

In our experience Request Management is often found to accommodate repetitive and well defined requests such as:

 - New Starter or Leaver

 - Implementation of Software or Hardware

 - Access to a system or service

Access Management would be a recipient of the Request as mentioned above and would administer a process to ensure that appropriate checks, approvals and possibly funding is available to enable access to be provided.

Please submit any comments you have about this article.

Your feedback will help add value to the content for other visitors and help us develop the content for the benefit of all.

You will need to provide and verify your e-mail address but your personal information will not be published or passed on to others. To identify each post we take the part of your email address before the @ sign and use that as the identifier, so if you are your post will be marked "by john.smith".

NB: We respond personally to every post, if it calls for it.

If you prefer to respond without posting your comment please use our contact form.

Click the REVIEW button below to preview your comments.

Tags; Access Management,Rights Management,Identity Management,Service Desk,Service Transition,Service Operation,IT Operations Management,Service Provider,ITIL v3
This article has been viewed 35735 times.
NB: This page is © Copyright and / or the relevant publishing author. You may copy this article only in it's entirety, including any author bio and / or credits, and you must link back to

Keeping up-to-date with ITIL...

Keep up-to-date with ITIL news. Low volume to-the-point bulletins...