...
Why recertification is needed?
To guarantee that only authorised authorized personnel have has access to the enterprise's data, owners of key business data must verify that all application and database user entitlements and privileges are recertified on a regular basis. With access recertification, it's assured that no users have access to resources that aren't assigned to them.
Depending upon the size of the company and whether they are public or non-pubic, and the industry they are in, such as banking or finance, etc., many companies are required by law to perform recertification or attestation of access. A company would like to have risk management in place to prevent people from getting toxic combinations of access that could be a risk to the company. For example, a person might get access to create a purchase order as well as access to approve the same purchase order. This is a toxic combination of access and is a potential risk for a company.
...