Subscribe to the Non-Human & AI Identity Journal

What breaks when vendor management policies do not cover access removal?

When offboarding is not explicit, vendor credentials can survive the contract and continue to access systems, data, or automation paths long after the business need ends. That creates standing exposure that security teams often discover only after an incident or audit. The fix is lifecycle enforcement, not just contractual language.

Why This Matters for Security Teams

Access removal is the point where vendor management stops being a procurement issue and becomes a security control. If offboarding is not covered, external users, service accounts, API keys, and automation credentials can remain active after a contract ends or a role changes. That leaves systems exposed to misuse, data retention disputes, and unreviewed privileged paths that no longer have a business owner.

This failure mode is especially common in environments where vendors support cloud operations, DevOps pipelines, customer support tooling, or finance workflows. Those paths often inherit broad access to reduce friction, then remain in place because no one owns the cleanup step. Current guidance in the NIST Cybersecurity Framework 2.0 reinforces that governance is not complete unless access is provisioned, monitored, and removed in a controlled lifecycle. For NHI-heavy environments, this also overlaps with the OWASP Non-Human Identity Top 10, because machine credentials are often the part that survives longest.

In practice, many security teams encounter the weakness only after a vendor disconnect, a failed audit, or an incident review shows that dormant access was never revoked.

How It Works in Practice

Effective access removal starts before offboarding. Vendor onboarding should create a complete inventory of who or what was granted access, what systems were touched, what authentication method was used, and who owns the approval to revoke it. That inventory must include human vendor users, NHI assets such as service accounts and API tokens, and any delegated access embedded in scripts, RPA workflows, or CI/CD pipelines.

Security teams usually need to coordinate across procurement, IT, application owners, and the vendor sponsor. The control objective is simple: when the contract, work order, or support need ends, every related access path must be disabled or rotated. In a mature process, that includes identity lifecycle triggers, entitlement review, key and secret rotation, log review, and confirmation that shared credentials were not reused elsewhere.

  • Tie vendor offboarding to contract end dates, ticket closure, or approval revocation.
  • Separate human access from NHI access so machine credentials can be removed or rotated independently.
  • Map privileged access to NIST SP 800-53 Rev 5 Security and Privacy Controls for account management, access enforcement, and auditability.
  • Confirm removal in the target system, not just in an identity portal, because sync delays and cached tokens can preserve access.

This is also where monitoring matters. Access removal should be verified in logs, SIEM alerts, and privileged session records so the team can see whether the vendor still has a functional path. Best practice is evolving for agentic workflows, but the principle is unchanged: if a vendor system or AI agent can still call tools after offboarding, the access removal process was incomplete. These controls tend to break down when vendor access is embedded in shared automation accounts because the business relies on the account more than it understands it.

Common Variations and Edge Cases

Tighter offboarding often increases operational overhead, requiring organisations to balance speed of vendor transition against confidence that all access has truly been removed. That tradeoff is manageable, but only if the policy distinguishes between standard user access, privileged access, and non-human access.

Some vendors use single sign-on, while others authenticate through local accounts, API keys, certificates, or time-bound tokens. There is no universal standard for this yet, so the practical answer is to require explicit removal evidence for each access type. In regulated environments, the bar is higher because audit teams will expect clear ownership, timestamps, and retention of approval records. In cloud and DevOps environments, the tricky edge case is dormant secret reuse: a vendor may appear offboarded in IAM while a token still works in a pipeline, container image, or infrastructure-as-code repository.

When a vendor is also supporting an autonomous agent or AI workflow, access removal must cover the agent’s tool permissions and any connected secrets. That intersection is increasingly relevant for NHI governance, but current guidance suggests treating it as part of standard lifecycle control rather than a separate exception path. The safest pattern is to validate removal in the systems of record, then test the highest-risk tool paths directly before closing the offboarding ticket. For identity programs that touch machine and human access together, this is where the OWASP Non-Human Identity Top 10 and control mapping in NIST guidance remain especially useful.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0, NIST SP 800-53 Rev 5 and NIST AI RMF set the governance and control requirements practitioners need to meet.

Framework Control / Reference Relevance
NIST CSF 2.0 PR.AC Access lifecycle control is central to preventing lingering vendor access.
NIST SP 800-53 Rev 5 AC-2 Account management controls cover creation, review, and timely removal.
OWASP Non-Human Identity Top 10 NHI lifecycle management Vendor credentials and tokens are non-human identities that must be revoked.
NIST AI RMF GOVERN AI and agent access removal needs clear ownership and accountability.

Inventory and revoke all vendor NHIs, including tokens, keys, certificates, and service accounts.