This form defines a single role within the organization, describing both the responsibilities it entails and the IT/information assets and permissions associated with it. While individuals are granted access separately, the role definition clearly documents which systems, databases, workspaces, or services are linked to the role. A person may hold multiple roles, each covering different responsibilities, and the scope of a role can range from a team-specific responsibility to a broader, organization-wide accountability. Defining roles in this structured way ensures that access is consistent, auditable, and aligned with policies. For individuals, this clarity means they know exactly which resources are linked to each of their roles, helping them perform their work efficiently while maintaining security and compliance.
Important: Access rights for individual persons must be requested via a separate Access Rights Request Form, which will reference the roles defined here.
This separation ensures proper governance, auditability, and lifecycle management of access rights.
Example of Role to Access Mapping:
| Role |
Information Assets |
Permissions |
Assigned Person |
| Data Processing Specialist |
Customer Database X, Data Warehouse Y |
Read, Write |
Alice Smith |
| HR Business Partner |
HR System, Payroll System |
Read, Approve |
Bob Johnson |
| Program Manager Product Y |
Project Workspace Y, Reporting Dashboard Y |
Read, Write |
Carol Lee |
In practice, users do not get access directly; they are granted access via their assigned roles. This ensures consistent enforcement of access policies.