In Service Deprovisioning as a Security Practice, I asserted that using a structured process for shutting down unused applications, servers & firewall rules was good security practice.
On the more traditional employee/contractor deprovisioning process, I often run into managers who view employee deprovisioning as something that protects the organization from the rogue former employee who creates chaos after they leave. If they feel that the former employee is leaving on good terms and unlikely to ‘go rogue’, they treat account deprovisioning as a background, low priority activity.
There is obviously an interest in protecting the organization from the actions of the former employee, but something that is just as important to me is to protect the employee/contractor from events that happen after they leave. I’d really hate to see someone get blamed for an event that happened after they left our employment. That’d be really unfair to them.
For employees who are leaving on good terms, making sure that they are properly disabled is essential to insure that they don’t get blamed for things that they didn’t do.