My question is Security process related specific to internal employee transfers (new job responsibilities). My organization has typically added requested access to a users' account, and infrequently removed access no longer required. In the event where there has been a job transfer, the user may have more security capability than required in the new job. In the current internal process, the security administrator has no visibility to employee transfers. I'm seeking input on practicle ways to remove access no longer required without impacting the user with downtime should a proactive end of access date be dictated. Recommendations?