We universally do a poor job of tracking what service accounts are used where, have what permissions/privileges, and who has access to them. Having a good tracking mechanism for all of this info would improvement management, and likely reduce risk. A few folks in UW-IT have been exploring this topic, with some ideas and a potential project to initially advance this with a small scope. Discussion would cover canvasing the perceived problem space, discussing how to address it, and how to move this forward on a broader scale.