In most organizations, data about what entitlements users have exists solely inside individual systems and applications. This makes it difficult for auditors to answer simple questions, such as:
When these questions are hard to answer, they are rarely asked. This weakens internal controls.
Access Certifier can be used by organizations to more readily audit entitlements, including change history and policy violations.