Least privilege with the least effort: access risk monitoring
Users in business applications can reach critical functions and data. For various reasons they typically possess far more access rights than really necessary for their work.
IT, business and security professionals alone do not have the knowledge which rights may be risky and which should be revoked. They should work together closely to reassess the user access profiles which is a very expensive and time-consuming task.