Access Control can be any method that creates precision and control over when and how a person can exercise their access rights. The goal of access control is to create friction between a user and their access, and stop any unauthorized access that could lead to a security or privacy breach. By creating these series of defenses, an organization is protecting itself from the myriad of cyberattack attempts it may incur. Think of access governance as the perimeter fence, and access control as the guards that find and close any gaps in that fence.”]
Source: https://www.cuinfosecurity.com/blogs/access-controls-stop-breach-before-occurs-p-3181