The entitlement matrix is an essential step in managing access controls. Practically, this is where you record the business decisions on who can access/do what. You want to give your people enough access to perform their job duties, and also limit the damage they could cause accidentally or intentionally with the access given to them (through a "what if" risk based approach, for example). Without a properly maintained entitlement matrix, you would quickly end up with a disconnect between the business governance and the access controls configured in your production environments. That wouldn't be ideal.