In many organizations, there is no complete record of every login ID associated with users. As a result, access deactivation may be incomplete, leaving some login IDs enabled on systems where system administrators did not know the user had them.
In other organizations, the termination process does not notify every relevant system administrator of a user's departure. In these cases, system administrators may fail to remove old login IDs simply because they were unaware of the user's status.
Regardless of the cause, access deactivation is often slow, unreliable or incomplete.
Access Certifier can be used by organizations to ensure that access deactivation is comprehensive and reliable.