After a user account has been provisioned to the systems in an enterprise access to resources is managed by an access management system. Identity management and access management are not necessarily interdependent. Enterprises often provision user accounts manually or use custom processes such as batch files or scripts. Whichever, provisioning method is used an access management system can be used to enforce the enterprise access rules.
Access management consists of two parts:
• Authentication - Is this a valid user?
• Authorization - Does this authenticated user have the rights to access this resource.
Authentication can be by user-id and password but multi-factor authentication is now becoming much more common.