Which practice is consistent with minimizing risk in identity management?

Centralizing identity management and automating provisioning across apps reduces risk by ensuring that access is controlled from one authoritative source and applied consistently everywhere. When roles and permissions are defined in a central identity provider and pushed to connected applications through standards like SCIM or provisioning connectors, changes such as hiring, role changes, or terminations are reflected everywhere in a timely, uniform way. This supports least privilege, reduces the chance of stale or conflicting permissions, and makes auditing and revocation much more reliable. Storing credentials in plain text in spreadsheets is a serious security flaw, exposing sensitive data to leaks or misuse. Using multiple central identity providers with inconsistent roles creates governance gaps and drift in access control. Disabling RBAC removes a foundational mechanism for controlling who can do what across systems, increasing risk dramatically.