Benefits
Every organisation depends on users getting the right access at the right time. It sounds straightforward, but in reality, managing user access across dozens or hundreds of applications can get messy very quickly. That’s where the Joiner–Mover–Leaver (JML) framework comes in.
JML is the backbone of an identity program. When it works well, access stays clean and predictable. When it doesn’t, you see over-permissioned users, orphan accounts, audit findings, and frustrated teams.
The Context:
At Corp Inc., a technology startup, HR is onboarding fresh talent every week. But for IT, onboarding is a nightmare of controlled chaos.
- Accounts have to be created manually by IT across multiple systems and applications, which is cumbersome, time-consuming and error-prone.
- Offboarding is even worse: accounts often stay active for months after someone has left.
JML in Action:
This article breaks down the JML process into simplified practical components.
Why JML Matters So Much
A user’s access isn’t static. It changes from the day they join, through role changes, until the day they leave. If you don’t manage that lifecycle cleanly, you create:
- Access creep
- Security gaps
- Compliance issues
- Operational overhead
- Stale accounts across systems
A good JML model keeps access aligned with the user’s real-world role at all times.
The Three Stages of JML
Joiner: The Day One Experience
The Joiner stage defines how access is created when someone is hired into an organisation. A strong Joiner process should:
- Create the user record in the Identity system
- Generate primary accounts (AD / Azure AD / HRMS-driven)
- Assign base roles based on HR attributes
- Provision access to core apps (email, collaboration tools, VDI, etc.)
- Trigger approval workflows only when needed
- Ensure the user is productive on day one
A well-designed Joiner flow reduces manual tickets and avoids the delays that hurt the onboarding experience.
Mover: The Most Ignored Stage (but the most important)
Most access issues come from movers. When an employee changes department, project, or function, old access often stays behind while new access keeps getting added. A proper mover process should:
- Detect role/location/manager/department changes
- Remove access tied to the old role
- Add access tied to the new role
- Apply separation-of-duties (SoD) checks before granting new entitlements
- Update accounts across systems consistently
- Handle both temporary and permanent movements
If you get movers right, you eliminate access creep almost entirely.
Leaver: The Last Line of Defence
When a user exits the organisation, the clock starts ticking. Any delay in deprovisioning creates risk. A good leaver workflow should:
- Receive termination flags from HR in real time
- Immediately disable access in primary systems
- Clean up roles and entitlements
- Close privileged accounts
- Archive or transfer data as needed
- Remove licenses to save cost
Fast deprovisioning is one of the most effective ways to reduce security exposure.
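The three stages above, written out as an added example (this is not code from the article or from any identity product): an event-driven engine that takes HR events, derives target access from attributes, drops old-role access on a move, SoD-checks every new grant, removes privileged access first on a leave, and records every action in an audit trail. The role model, entitlement names and SoD pairs are constructed for illustration.

```python
"""Event-driven Joiner/Mover/Leaver engine (constructed example)."""
from dataclasses import dataclass, field

# Birthright access every active employee receives (constructed names).
BIRTHRIGHT = {"email", "collab", "vdi"}

# Attribute-driven role model: (department, title) -> entitlements.
# Hypothetical; a real model comes from the organisation's role design.
ROLE_MODEL = {
    ("Finance", "Analyst"): {"erp:ap_clerk"},
    ("Finance", "Manager"): {"erp:ap_approver", "erp:reports"},
    ("Engineering", "Engineer"): {"git:dev", "ci:run"},
    ("Engineering", "Manager"): {"git:dev", "ci:admin"},
}

# Separation-of-duties pairs that may never be held by one person.
SOD_CONFLICTS = {frozenset({"erp:ap_clerk", "erp:ap_approver"})}

PRIVILEGED = {"ci:admin"}  # removed first when a user leaves


@dataclass
class Identity:
    user_id: str
    department: str
    title: str
    active: bool = True
    entitlements: set = field(default_factory=set)


class JMLEngine:
    def __init__(self):
        self.identities = {}
        self.audit = []  # (user, action, detail) for every change, in order

    def _log(self, user_id, action, detail):
        self.audit.append((user_id, action, detail))

    def _target(self, department, title):
        """Access the attributes justify: birthright plus the role's entitlements."""
        return BIRTHRIGHT | ROLE_MODEL.get((department, title), set())

    def _sod_violation(self, entitlements):
        return any(pair <= entitlements for pair in SOD_CONFLICTS)

    def join(self, user_id, department, title):
        """Joiner: create the identity and provision attribute-driven access."""
        ident = Identity(user_id, department, title)
        self.identities[user_id] = ident
        self._log(user_id, "create", "identity created from HR record")
        for e in sorted(self._target(department, title)):
            ident.entitlements.add(e)
            self._log(user_id, "grant", e)
        return ident

    def grant_adhoc(self, user_id, entitlement):
        """Out-of-role grant via an approval workflow; still SoD-checked."""
        ident = self.identities[user_id]
        if self._sod_violation(ident.entitlements | {entitlement}):
            self._log(user_id, "sod_blocked", entitlement)
            return False
        ident.entitlements.add(entitlement)
        self._log(user_id, "grant", f"{entitlement} (ad hoc, approved)")
        return True

    def move(self, user_id, department, title):
        """Mover: revoke old-role access, flag leftovers, add new-role access."""
        ident = self.identities[user_id]
        old_role = self._target(ident.department, ident.title)
        new_role = self._target(department, title)
        # 1. Drop access tied to the old role that the new role does not also grant.
        for e in sorted(old_role - new_role):
            ident.entitlements.discard(e)
            self._log(user_id, "revoke", e)
        # 2. Whatever remains that the new role does not explain is ad-hoc access:
        #    flag it for review instead of silently carrying it forward.
        for e in sorted(ident.entitlements - new_role):
            self._log(user_id, "review", f"{e} not justified by new role")
        # 3. Add new-role access, SoD-checked against what the user keeps.
        for e in sorted(new_role - ident.entitlements):
            if self._sod_violation(ident.entitlements | {e}):
                self._log(user_id, "sod_blocked", e)
                continue
            ident.entitlements.add(e)
            self._log(user_id, "grant", e)
        ident.department, ident.title = department, title
        return ident

    def leave(self, user_id):
        """Leaver: disable, strip privileged access first, then everything else."""
        ident = self.identities[user_id]
        ident.active = False
        self._log(user_id, "disable", "primary accounts disabled")
        ordered = sorted(ident.entitlements & PRIVILEGED) + sorted(ident.entitlements - PRIVILEGED)
        for e in ordered:
            ident.entitlements.discard(e)
            self._log(user_id, "revoke", e)
        self._log(user_id, "license", "licenses released")
        return ident


if __name__ == "__main__":
    engine = JMLEngine()
    engine.join("alice", "Finance", "Analyst")
    engine.move("alice", "Finance", "Manager")   # ap_clerk drops off, ap_approver added
    engine.leave("alice")
    for entry in engine.audit:
        print(entry)
```

The important design choice is in `move`: access is recomputed from the old and new targets rather than just added on top, and anything the new role does not explain is written to the audit trail as needing review. That single step is what keeps movers from becoming the source of access creep the section describes.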
Key Ingredients of a Strong JML Program
Reliable source of truth
HR should drive the lifecycle, not manual tickets. When HR data is inaccurate, JML breaks.
Attribute-driven access
Department, job title, region and cost center drive the logic. The more consistent the attributes, the fewer the exceptions.
Role model that actually works
Well-designed base roles, application roles, and birthright access simplify onboarding and reduce approvals.
Automation where it matters
Most JML actions should be automated. Approvals should only be used for high-risk cases.
Timely updates
HR must publish changes quickly. Apps must receive updates without delay.
Audit-ready logs
Every creation, update, and removal should be captured cleanly.
Common Pitfalls Companies Face
- Movers not handled properly
- HR data not standardised
- Too many manual approvals
- Birthright access that is too broad
- Delayed terminations
- No automated SoD checks
- Inconsistent access across apps
Fixing even two or three of these can dramatically improve the entire lifecycle.
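Several of these pitfalls can be found in data you already have. The snapshot check below is an added example, not the article's code or any product's: it compares an HR feed (the source of truth) against per-application account dumps and reports orphan accounts, delayed terminations, access not justified by the current role, access the role expects but the app lacks, and SoD conflicts. The HR records, account dumps and role expectations are constructed for illustration.

```python
"""Snapshot-based JML health check (constructed example)."""
from collections import Counter
from datetime import date

# Constructed HR feed: the source of truth. terminated=None means active.
HR = {
    "alice": {"department": "Finance", "title": "Analyst", "terminated": None},
    "bob": {"department": "Engineering", "title": "Engineer", "terminated": date(2024, 3, 1)},
    "carol": {"department": "Finance", "title": "Manager", "terminated": None},
    "erin": {"department": "Engineering", "title": "Engineer", "terminated": None},
}

# Constructed per-application account dumps: app -> {user: entitlements}.
APPS = {
    "email": {"alice": set(), "bob": set(), "carol": set(), "dave": set(), "erin": set()},
    "erp": {"alice": {"ap_clerk", "ap_approver"}, "carol": {"ap_approver"}, "bob": {"ap_clerk"}},
    "git": {"alice": {"dev"}},
}

# Hypothetical attribute-driven expectations: (department, title) -> {app: entitlements}.
EXPECTED = {
    ("Finance", "Analyst"): {"email": set(), "erp": {"ap_clerk"}},
    ("Finance", "Manager"): {"email": set(), "erp": {"ap_approver", "reports"}},
    ("Engineering", "Engineer"): {"email": set(), "git": {"dev"}},
}

# SoD pairs expressed as (app, entitlement) combinations.
SOD = {frozenset({("erp", "ap_clerk"), ("erp", "ap_approver")})}


def audit(hr, apps, today, grace_days=1):
    """Return (category, user, app, detail) findings for one snapshot."""
    findings = []
    for app, accounts in sorted(apps.items()):
        for user, held in sorted(accounts.items()):
            rec = hr.get(user)
            if rec is None:
                # Account exists in an app but HR has never heard of the user.
                findings.append(("orphan", user, app, "no HR record"))
                continue
            if rec["terminated"] is not None:
                # Leaver whose accounts are still present past the grace period.
                if (today - rec["terminated"]).days > grace_days:
                    findings.append(("delayed_termination", user, app, f"left {rec['terminated']}"))
                continue
            expected = EXPECTED.get((rec["department"], rec["title"]), {})
            if app not in expected:
                findings.append(("access_creep", user, app, "account not justified by role"))
                continue
            for e in sorted(held - expected[app]):
                findings.append(("access_creep", user, app, e))
            for e in sorted(expected[app] - held):
                findings.append(("missing_access", user, app, e))
            held_pairs = {(app, e) for e in held}
            for pair in SOD:
                if pair <= held_pairs:
                    findings.append(("sod_conflict", user, app, "+".join(sorted(e for _, e in pair))))
    # Accounts the role expects that do not exist at all (inconsistent across apps).
    for user, rec in sorted(hr.items()):
        if rec["terminated"] is not None:
            continue
        for app in EXPECTED.get((rec["department"], rec["title"]), {}):
            if user not in apps.get(app, {}):
                findings.append(("missing_access", user, app, "account missing"))
    return findings


def summarize(findings):
    """Count findings per category, the number to track snapshot over snapshot."""
    return Counter(category for category, *_ in findings)


if __name__ == "__main__":
    results = audit(HR, APPS, date(2024, 3, 15))
    for finding in results:
        print(finding)
    print(dict(summarize(results)))
```

Run against daily exports, the per-category counts from `summarize` give a simple trend line: a rising `delayed_termination` count points at the HR-to-IT feed, a rising `access_creep` count at the mover process, and `orphan` accounts at applications that are provisioned outside the identity platform.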
What a Good JML Model Looks Like in Practice
Imagine this flow:
- HR creates a new hire → the identity platform generates the user profile and assigns base access automatically.
- Manager changes → access tied to the old role drops off; new access is added instantly.
- Employee resigns → all accounts are disabled within minutes; privileged access is removed first.
- Audit logs clearly show each action.
- No dependency on tickets or spreadsheets.
This is the ideal state organisations aim for.