Well, here's your example ..
answer yourself the questions
should users be able to access the control interfaces of switches?
Should managers' computers have direct access to accounting and management computers?
should there be uncontrolled access to servers (ports and protocols)
what will happen if a thread sets itself a static ip 192.168.1.1 or brings a thread to a home router with dhcp enabled?
Can you handle viruses exploiting smb vulnerabilities for example?

Vlan is needed when you need to:
Divide the switch into logical networks that are not connected (unexpectedly yes?) to each other.
When you need to transmit for some reason several networks through one cable.
You can build a network that is logically unrelated to physics.
For example, you have servers, switches, etc., which have management ports, and here it’s better to remove them into a separate network to which anyone will have access.
This is just a piece that came to mind after a night of work.

This makes sense if the network is divided into subnets, but if one organization has enough addresses, then there is no need to invent a bicycle. I have 188 addresses being distributed, the vlan is only for ip phones, and then for convenience, otherwise the tubes are wedged, so at least you know who to kick :)

I have a service point where there is only one computer for staff, but I made several VLANs - in one this computer and a wi-fi network for employees, in the other - CCTV cameras, in the third - a video broadcast network for TVs, etc.
Separation of networks does not depend on the number of computers.