Looking for advice /best practice here.
We launch quarterly access reviews for some applications. Sometimes, before a supervisor gets around to do the review an employee has already left and access has been removed based on normal termination procedures. When the supervisor gets around and marks the users access to be revoked in the review we have it set to a manual fulfillment and it emails the help desk.
Right now, the help desk are getting emails to remove access for users that have already been removed, due to the delay in completing the review.
What is the best way to check that the access is still there before sending the remove email?