The number of exceptions per access reauthorization cycle — failed log-in numbers — can offer clues into number of insights. Anomalous Access Incidents are another metric that could help spot malicious behavior. Keeping track of users who are accessing information that they don’t normally need to do their jobs can head off insider threats more quickly. Service and Cost Metrics round out your IAM metrics by not only keeping track of how long it takes to review entitlements but also the average cost per account across the organization.”]
Source: https://www.darkreading.com/authentication/seven-crucial-identity-and-access-management-metrics