By default, Hitachi ID Identity Manager retains a history of all change requests -- including requester, recipient, authorizers, times and dates, operations, attributes, entitlements and either connector results or implementer feedback -- indefinitely. This means that an auditor can answer questions such as "who requested or approved that this user receive this entitlement?" years after the fact.
In addition to changes initiated through a Identity Manager process (automation, request portal, API, etc.), Identity Manager detects changes made natively on integrated systems and applications. This includes creation of new and deletion of existing accounts as well as changes to account attributes, group memberships and status (e.g., enabled/disabled). This monitoring is used to maintain an internal model in Identity Manager's database of all IDs and entitlements on integrated systems.
Identity Manager can be configured to retain history in detected entitlements
and attributes as well. This history is visible through the request
portal and enables auditors to ask questions such as "when did this
user acquire this entitlement on this system?" even where such changes
did not originate with Identity Manager.