Over time, most employees and some contractors move from job to job. As employee responsibilities change, so do their required access to systems and applications.
Users can be counted on to request and acquire entitlements they need to do their job. Unfortunately, they cannot be relied on to ask for no-longer-needed entitlements to be removed. Most users:
Reliable entitlement acquisition combined with unreliable entitlement removal mean that users tend to accumulate unneeded entitlements over time. This creates security exposure, as no-longer-needed entitlements may be abused.
Access Certifier acts as a counter-balance to reliable entitlement acquisition business processes by periodically inviting responsible parties to review current entitlements and request removal of those which are no longer needed.