account if they discover the password. Logs will record the activity in
               the name of the terminated employee instead of the person actually

               taking the action.

               It’s possible the account will be needed, such as to access encrypted
               data, so it should not be deleted right away. When it’s determined that
               the account is no longer needed, it should be deleted. Accounts are
               often deleted within 30 days after an account is disabled, but it can
               vary depending on the needs of the organization.

               Many systems have the ability to set specific expiration dates for any
               account. These are useful for temporary or short-term employees and

               automatically disable the account on the expiration date, such as after
               30 days for a temporary employee hired on a 30-day contract. This
               maintains a degree of control without requiring ongoing
               administrative oversight.