Which term describes a logical grouping of entitlements (access) that define the ability of users to perform business tasks?

The term that describes a logical grouping of entitlements (access) that define the ability of users to perform business tasks is "Functions." In the context of identity governance and administration, functions encapsulate specific sets of entitlements that align with business roles or activities. These groupings allow organizations to assign access based on job responsibilities, ensuring that users have the necessary permissions to perform their tasks effectively.

Functions are critical in managing user access because they simplify the assignment and management of entitlements, promoting consistency and compliance within the organization. By defining access in terms of functions, it becomes easier to align user capabilities with business needs, thereby enhancing operational efficiency and reducing the risk of unauthorized access.

Other terms such as risks, SOD (Segregation of Duties), and mitigating are related to identity governance but don't specifically describe the concept of grouping entitlements. Risks pertain to potential vulnerabilities or threats, SOD refers to the practice of ensuring that no single individual has control over multiple steps of a transaction to prevent fraud, and mitigating involves strategies to reduce risks. None of these terms directly define the logical grouping of entitlements for enabling business tasks as effectively as functions do.