bonnie
I play a nice person on twitter.
You can't have an objective discussion about information security threats and mitigations without considering that people and their actions and assets are the most common attack vector, willing or unwilling. And staff transitions open lots of transient physical, digital, social and logistics windows of opportunity for bad stuff to happen. Many of those are not the fault of the transitioning party.
You, however, can have that discussion without targeting specific people. It's fair to ask 'how many people should have access'. It is potentially career-damaging to imply it is a specific person.
I'm sure you can see the difference.