ACF2 provides the Rule Cleanup Utility (ACFRULCU) that identifies rule lines that are no longer needed. The lines can be from logonids that no longer exist, roles that no longer exist, or UIDs that are no longer valid. You can also specify specific UIDs, logonids, or roles to remove from the targeted rules. You can use the utility for access rules, resource rules, and DB2 rules, and you can run the utility against the active databases or alternate databases.
There is nothing provided in ACF2 to identify rulesets that have not been used in a long time. You would need to use the Cleanup product.