By default, Hitachi ID Identity Manager retains a history of all change requests -- including requester, recipient, authorizers, times and dates, operations, attributes, entitlements and either connector results or implementer feedback -- indefinitely. This means that an auditor can answer questions such as "who requested or approved that this user receive this entitlement?" years after the fact.
In addition to changes initiated through a Identity Manager process (automation, request portal, API, etc.), Identity Manager detects changes made natively on integrated systems and applications. This includes creation of new and deletion of existing accounts as well as changes to account attributes, group memberships and status (e.g., enabled/disabled). This monitoring is used to maintain an internal model in the Identity Manager database of all IDs and entitlements on integrated systems.
Identity Manager can be configured to retain history in detected
entitlements and attributes as well. This history is visible through
the request portal and enables auditors to ask questions such as
"when did this user acquire this entitlement on this system?" even
where such changes did not originate with Identity Manager.