[jordanbeiber]

It’s just bad practice having accounts scattered through bunches of systems that shouldn’t be used anymore.

It’s often a licensing issue, and definitely a security issue.

Either you maintain this manually - proper time consuming chore at larger companies with many systems and applications.

Or write automations to manage it. Better, but still a lot of work and not always technically possible.

Or you hook as many of these systems as possible up to an SSO solution backed by some kind of identity provider.

This grants many benefits for everyone during the lifecycle of systems and its users - sysadmins, it-support, infosec but perhaps most of all the end-users.

As a manager myself I first and foremost think about how the on-boarding works: is it smooth, and are new hires gaining access to the systems they need without 15 calls to the service desk.