Which IAM concern is addressed by preventing privilege creep?

Preventing privilege creep is about limiting access to match a user’s current role. When people stay granted broad or excess privileges after they change jobs or responsibilities, those extra rights can be used—intentionally or accidentally—to access information they shouldn’t see. Keeping permissions tightly aligned with need-to-know and implementing regular access reviews or recertifications helps ensure that someone only has the privileges required for their duties. This minimizes the risk of unauthorized access and enforces the principle of least privilege. The other options don’t address this specific risk: password fatigue refers to the burden of managing many passwords, which can lead to poor security behavior; data loss is a potential outcome from various issues but not the problem of mismatched privileges; encryption protects data but doesn’t prevent overly broad access.