This command allows you to see why a certain user has status in a room. It will tell you what level of access services sees the user as having and why. For example, it might say that someone has AOP access because they identified with the nick password for a particular nick in the AOP list.
/msg chanserv why #conferenceroom Surfin
If someone enters the room and is given access that they should not have, you should always do a why on them. This will determine what problem needs to be fixed. The most common problem for rooms that do not set ident on is that the person happens to match a mask in the access lists for an op's nick.