Come audit time, the main questions that are asked of an Identity team is how they perform Governance of User Identities and accounts across systems. This includes a full breakdown of policies for the Identity Lifecycle, historical records of RBAC and ABAC, as well as the attestation workflows assigned to more privileged accounts and users. These questions can either be easily answered through reports from a feature-rich IGA system, or involve pulling records from multiple systems and manually merging data from emails, Service Tickets, Directory records, and more.
A strong Identity Program takes audits in its stride and moves on with the day. These reports should take minutes to generate, not days.