
You have been asked to lead an enterprise security initiative to establish and enforce least privilege across a large organization. The goal is to reduce standing access, tighten privileged roles, and make access decisions auditable without disrupting critical business operations.
How would you establish and enforce the principle of least privilege across a large enterprise?