User access certification

["sphinx white" <sphinxwhite () gmail com>]

Hi Folks,

In our company we are currently conducting "user access certification" project.

The purpose of the project is to:
* review user accounts by their direct managers and make sure they
have appropriate access rights and privileges are granted on "least
privilege" principle according to their responsibilities;
* get rid of shared accounts;
* cleanup accounts that belong to people that left the company;

This is one of the SOX requirement and has to be done periodically.
Right now the process is not automated and all information and
evidence exchange are organized simply via email and excel docs which
is very inefficient since we have about 40 business critical systems
and thousands of users.

My question is does anybody use any software packages that automate
the process like id-certify for example for the purpose?

I appreciate your input on this.

White