Every year our auditors require us to audit our users and remove permissions from inactive users.  Currently I take screen shots of the security section with the users and then have to determine who is active and who is not.