


Access recertification is one of the most disliked processes in Identity & Access Management, and for good reason.
In this episode, Matthias Reinwarth and Martin Kuppinger challenge the way organizations approach access reviews. Instead of endlessly optimizing broken campaigns, they ask a more fundamental question: What if we eliminated most of recertification altogether?
Key topics:
✅ Why traditional access certification campaigns fail
✅ How overengineered role models create complexity and “rubber stamping”
✅ Why 80–90% of entitlements can be automated via policy
✅ How time-limited access dramatically reduces review effort
✅ Where AI and usage analytics can safely remove unused permissions
✅ Why static entitlements and standing privileges are the real root cause
✅ How modern authorization (e.g., externalized policy models) changes the game
The discussion also touches on the 50-year legacy of IBM RACF and why we still haven’t fully embraced externalized authorization — despite knowing better since 1976.
If you struggle with 70-page access review PDFs, role explosion, or endless recertification campaigns, this episode offers practical, implementable guidance — much of it possible with capabilities you already have in place.
By KuppingerCole Analysts