Are no longer associated with a user or individual;
Are in violation of organizational policy; or
Have been inactive for [ Assignment: time period ].
Guidance
Disabling expired, inactive, or otherwise anomalous accounts supports the concepts of least privilege and least functionality which reduce the attack surface of the system.