With CA Cleanup for ACF2, how long should a site wait to before running the reports and cleaning up unused(un-referenced) objects?

Release:
Component: AWAGNT

CA recommends the following when using CA Cleanup for ACF2. 

• Running the CA Cleanup main task all the time. Access from before the installation is unknown. 
• Scheduling regular updates of the CA Cleanup database to keep it in synch with the CA ACF2 databases. This can be daily or weekly depending on the security system change. 
• Performing the scheduled updates with the AT5#DBU utility *ALL* function. 
• Waiting several months before removing unused security records CA Cleanup tracks unused. 
• CA ACF2 database records over time and should run through critical processing periods such as month, quarter, and year end. 
• Running the CA Cleanup reports without removing the unused security records to analyze the reports. This allows you to familiarize yourself with the reports and their capabilities. 
• A phased approach to implementation. An attempt to cleanup all three CA ACF2 databases at one time produces an unmanageable number of obsolete security file entries. Begin with a small batch of CA ACF2 rule sets or logonids. 

Sites can wait a couple of months for the tracking data to build a base of tracking data and then run the reports to analyze the referenced and unreferenced security file entries(rules and logonids). Sites can always run the reports sooner to get a feel on how the security entries are being tracked for both referenced and unreferenced entries to fine tune the report parameters to obtain the desired tracking information.