Many companies maintain an Access Control List (ACL). This approach might serve the purpose of restricting access to sensitive information to a limited number of users. Equally important is to ensure that the authentic users have access to all the relevant data. This type of management requires extensive effort to gather information about users, to look at the data flows, and to conduct frequent analyses.
The following questions must be answered while monitoring entitlements in an organization:
The approval of the entitlements on a periodic basis is in the core of the entitlements system.
More Information