Gartner Research

Access Certification and Entitlement Management

Published: 09 September 2009

ID: G00203806

Analyst(s): Ian Glazer


Early in 2009, Burton Group conducted a series of in-depth interviews with enterprises representing a diverse set of industries to determine the progress of role management projects and role management techniques. Consistently, access certification, in response to compliance needs, was cited as a major component of overall role and identity programs at these enterprises. Teams interviewed also discussed their associated needs and approaches to the gathering, cleansing, translation, and usage of entitlements--the discipline of entitlement management. In this Methodologies and Best Practices document, Senior Analyst Ian Glazer reviews these enterprises' approaches to access certification and entitlement management.

Table Of Contents

Research Methodology

  • Expectations and Discoveries

Entitlement Management

  • Cleaning Up Entitlements
  • Challenges of Cleansing Entitlements
    • System Relationships
    • Mainframe Entitlements
  • Entitlements and the LOBs
  • Entitlement Management as Data Management
  • Entitlement Repository Facilitating Access Certification

Access Validation, Not Access Certification

Access Certification

  • Project Drivers
  • Getting Started with Access Certification
  • Roles and Access Certification


  • The Audacity of Spreadsheets
  • Selecting an Alternative



©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.