We have had, literally, massive number of people leaving the agency. How does one define a new user, review the current user's permissions and delete retired users??
Endevor uses an External security interface and you control who has access to Endevor thru your Security package - RACF, ACF2 or Top Secret.
The BC1TNEQU table established the pseudo data set names Endevor uses in RACROUTE call to the external security package and Endevor allows or prevents the action based on the results it gets back from the RACROUTE call.
Normally, there is an Endevor profile or group defined in the external security package and you add new user ids to the profile and delete those that are no longer with the company.