Which principle states that each person should only receive the permissions they absolutely need to perform their job?

Granting users only the minimum access they need for their job is the principle of least privilege. This approach minimizes risk by limiting what a user can do and what data they can reach. If an account is compromised or used accidentally, the potential damage is constrained because the user operates within a narrowly defined boundary. It also makes auditing easier and supports separation of duties by ensuring privileges are tightly aligned with specific responsibilities. While related ideas like minimization and appropriate authorizations exist, the standard label for this exact idea is least permissions. The option that suggests all of the above isn’t correct because not every term is a recognized name for this principle.