Deprovisioning is the controlled removal of user accounts, access rights, and resources when a person leaves the organization or changes roles. It is the counterpart to provisioning (setting up access).
Fast, complete deprovisioning is among the most critical security processes. Orphan accounts are a popular entry point for attackers. ISO 27001 Annex A (A.5.18) requires regular review and timely removal of access rights that are no longer needed. In practice, deprovisioning is ideally automated through identity management systems, linked to HR processes such as termination or department transfers.