Dealing with "former employees" in your review — the cleanup round
Your first review turns up 8 accounts belonging to people who left years ago. That's not a problem — that's progress. Here's how to handle it without it turning into a blame session.
Your first real access review will inevitably uncover old mistakes: ex-employees with still-active accounts. Treat this as a clean-up exercise, not an opportunity to point fingers.

Bucket your findings

- Truly inactive: no login > 180 days, person no longer in HR. Disable immediately + apply the 30-day rule.
- Recently departed: < 90 days since leaving, offboarding partly completed. Fill in the gaps.
- Unclear: person is still in HR but hasn't logged in for a long time. Check with their manager.
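
As an added example (not code from the original article), the three buckets above can be applied to an account export joined with an HR roster. The data shapes, the sample users, the reuse of the 180-day threshold for "a long time" in the unclear bucket, and the extra "ok" and "investigate" buckets are assumptions made for illustration.

```python
from datetime import date

INACTIVE_DAYS = 180       # article: "no login > 180 days"
RECENT_LEAVER_DAYS = 90   # article: "< 90 days since leaving"

def bucket_account(last_login, hr_record, today):
    """Bucket one account. last_login: date or None (never logged in = idle).
    hr_record: None if HR has no record, else {"active": bool, "left_on": date or None}."""
    idle = last_login is None or (today - last_login).days > INACTIVE_DAYS
    if hr_record is not None and hr_record["active"]:
        # Still employed: long-idle goes to the manager (180 days here is an assumption).
        return "unclear" if idle else "ok"
    if idle:
        return "truly_inactive"      # gone from HR and no login > 180 days
    left_on = hr_record["left_on"] if hr_record else None
    if left_on is not None and (today - left_on).days < RECENT_LEAVER_DAYS:
        return "recently_departed"   # offboarding gaps still to fill in
    # Assumption: the article has no bucket for a long-gone leaver whose account
    # still shows recent logins, so it is surfaced separately for investigation.
    return "investigate"

def bucket_accounts(accounts, hr, today):
    """accounts: {username: last_login}; hr: {username: hr_record}."""
    buckets = {}
    for user, last_login in sorted(accounts.items()):
        name = bucket_account(last_login, hr.get(user), today)
        buckets.setdefault(name, []).append(user)
    return buckets

# Constructed sample data, not from a real directory or HR system.
TODAY = date(2024, 6, 1)
ACCOUNTS = {
    "a.jansen": date(2021, 3, 14),
    "b.devries": date(2024, 4, 20),
    "c.bakker": date(2023, 9, 1),
    "d.visser": date(2024, 5, 30),
    "e.smit": date(2024, 5, 15),
    "f.mulder": None,
}
HR = {
    "b.devries": {"active": False, "left_on": date(2024, 4, 30)},
    "c.bakker": {"active": True, "left_on": None},
    "d.visser": {"active": True, "left_on": None},
    "e.smit": {"active": False, "left_on": date(2022, 1, 31)},
}

if __name__ == "__main__":
    for bucket, users in bucket_accounts(ACCOUNTS, HR, TODAY).items():
        print(f"{bucket}: {', '.join(users)}")
```

The per-bucket username lists can be attached to the review record as the evidence of what was found and which action each account received.
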

Patch the process at the same time

Every ex-employee account you find is a signal that your offboarding process missed something. Use your findings to improve the process — not to put the previous person responsible in the stocks.

Document for audit

"During this review we found 12 orphaned accounts and offboarded them" is a strong story for an auditor — it shows that your review process is working. You won't be penalised for it, as long as you can demonstrate how you're preventing it from happening again.

See also: tracking down orphaned accounts, review pillar.

Full guide: Periodic access reviews: process, frequency and evidence
This article is part of our comprehensive Access reviews guide. Read the pillar for the complete picture.