Skip to main content
IT KORR
IT KORRKeeping Organizations Reliable & Resilient
Identity & Access Management · Download

Identity Governance Checklist

A checklist covering provisioning, access reviews, and deprovisioning discipline across the identity lifecycle.

IT KORR Knowledge Center

Identity Governance Checklist

A checklist covering provisioning, access reviews, and deprovisioning discipline across the identity lifecycle.

Provisioning (Joiner)

  • Role-based access templates defined for every job role.
  • New-hire access provisioned against the template on day one, not ad hoc.

Role Changes (Mover)

  • Every role change triggers a full access review, not just an addition of new access.
  • Access tied to the prior role explicitly removed, not left in place.

Offboarding (Leaver)

  • Access revoked same-day across the identity provider and every connected system.
  • Shared credentials the departing employee had access to are rotated.
  • Offboarding trigger is tied directly to HR notification, not a separate manual process.

Ongoing Governance

  • Periodic access review conducted at least quarterly or semi-annually.
  • Service account privilege scope included in the same review cycle as human accounts.
  • Review outcomes documented, including any access removed.

Related Resources

  • Identity Lifecycle and Joiner-Mover-Leaver Governance — /knowledge-center/cybersecurity/identity-access-management/identity-lifecycle-governance
  • Identity & MFA Readiness Assessment — /tools/identity-mfa-readiness-assessment

This document is a starting-point resource, not legal or compliance advice. Review it against your organization's actual systems before adoption — see the full Identity & Access Management Hub for the reasoning behind each recommendation, or use the Identity & MFA Readiness Assessment to evaluate your current posture.

Build: add8299 | Built: Jul 9, 2026 9:26 PM EDT