Account and entitlement reviews are essential so that organisations can understand, and therefore control, exactly who has access to what. Access rights are first assigned by setting up users with accounts for certain applications, according to their role in the organisation.
But many applications contain a myriad of functions and store vast swathes of information. Not every user needs access to all the information contained within an application. For example, in a customer relationship management system, a salesperson may need to access customer contact information, but does not need to access the financial records associated with customers.
Source: http://www.it-director.com/blogs/Bloor_Security_Blog/2015/3/solving-the-complexities-of-sap-account-and-entitlement-reviews.html