Entities, such as corporation, may use systems that cannot be accessed unless users are authorized. For example, a corporation may have a server that contains corporate financial data. Access to the server may be restricted to persons that have a need to access financial data and that are authorized to access the financial data via a corporate network.
One or more network administrators may be responsible for providing authorization information to users so that the users can access protected data, such as financial data. Companies may wish to perform periodic audits of systems that include protected data (e.g., financial data) and/or users that access these systems. For example, a company may wish to perform quarterly audits to ensure that only persons with an ongoing need to access protected data can do so. Certain individuals, such as managers, may need to determine whether the users have a continued need to access the protected systems. These individuals may find it difficult and/or time consuming to make accurate determinations with respect to users' access needs and/or rights when a large number of users and/or protected systems are involved. As a result, performing accurate audits of protected systems and/or of users having access to these systems may be very costly to entities that use protected systems.