Access Management is the process of granting authorized users the right to use a service, while preventing access to non-authorized users. It provides users access to services defined in security and availability policies. Critical success factors include verifying user identity, access requirements, and linking access rights. Metrics include access requests, instances of access granted, and incidents requiring access changes. The process involves requesting access, verifying the user and access need, provisioning rights, monitoring for status changes, and removing rights when no longer needed.