User Provisioning / User Account Provisioning is an Identity Access Management (IAM) process that ensures employee/user accounts are created, updated, deleted, and given proper access across multiple applications and systems at the same time. User information such as name, attributes, group name, and other associated data are available through account and access management, which allows you to grant or prohibit access based on your needs. User Provisioning can be triggered by events like hiring, promotions, and transfers.
In other words, user provisioning helps you provide the right level of access to the right users during onboarding, update access throughout employment, and—during the deprovision process—remove access when an employee leaves the organization.
Provisioning tools also automatically aggregate and correlate identity data from HR, CRM, email systems and other "identity stores." Fulfillment is initiated via self-service, management request or HR system changes. Regulatory compliance and security efficiencies continue to drive most user-provisioning implementations.
Deprovisioning, on the other hand, refers to the process of disabling or removing a user's access to a system or application. This process typically includes disabling the user's account, revoking permissions, and removing the user from any groups or roles they were a member of. Deprovisioning is usually done when an employee leaves a company, or when a user's access is no longer needed for some other reason. It is important to have a well-defined process in place for both provisioning and deprovisioning to avoid security breaches and compliance issues.