Many IT security professionals still regard role-based access and identity management as hopelessly complex because the predominantly manual approach used to review and manage roles is not scalable ...