In identity and access management, what defines an orphaned account?

In identity and access management, an orphaned account is defined by a lack of governance: an account that exists but has no active user and no assigned owner to manage it. Because there is no active user connected to it and no one responsible for its lifecycle, there’s no one to review its permissions, revoke unused access, or deprovision it when appropriate. This creates security and compliance risks, since the account can be neglected and potentially misused. The description fits best because it focuses on responsibility and current usage: no active user and no owner. Other scenarios—an account with no privileges, an account with an active user, or an account with an inactive password—do not capture the essential lack of accountability that defines an orphaned account.