I am drafting the Access Control Policy in conformio.
In the section 3.2, I initially have drafted the User profiles, Applications and access rights for each SW that we are using.
Then I need to map the User Profiles to the job Titles.
The question is: When mapping the Support Administrator profile, can I simply map to the Job title "mid management" or do I need to specify Support Mid Management?
What I mean is that it is obvious that the Support software administration will never be assigned to the HR Mid management, but do we need to be specific when drafting the mapping between a User Profile and a Job Title?
Will an auditor accept a high level definition?
Thanks
Best Regards
Igor
Assign topic to the user
Comment as guest or Sign in
Dec 09, 2024