The operational procedure that implements the Access Control Policy. This is the appendix referenced from that policy.

Provisioning

At completion of HR onboarding, CHRO triggers a series of access tickets in Linear (the “Access” team queue). IT provisions access for company-wide systems (Rippling for IdP/SSO, MDM, and EDR; Microsoft 365 for Outlook and SharePoint; Slack, Linear, GitHub, Dashlane) and the standard access bundle for the new hire’s role. Engineering hires receive the additional engineering access bundle — production read access via SSO, repository access, deploy permissions per role. Additional access beyond the standard pre-approved bundle requires a request approved by the system owner or the new hire’s manager.

Change requests

When a user changes role, their manager submits an access-change request via the Access Change intake form, which files into the Access project in Linear. The system owner approves; IT executes. Privileged-access elevation requires explicit approval from the CISO or the system owner.

Deprovisioning

At termination, the maximum allowable time for access termination is 24 business hours. CHRO triggers offboarding which:
  • Disables the user in the IdP.
  • Revokes session tokens across SaaS apps.
  • Removes from group membership.
  • Returns or wipes company devices.
User IDs are not re-used. See Offboarding for the full checklist.

Standard access bundles

The current standard-access matrix lives at the Standard Access Matrix. Roles include:
  • Employee (baseline)
  • Engineering (read/write)
  • Engineering (production)
  • Sales / GTM
  • Customer support
  • Finance / People
Material changes to standard bundles require approval from the CISO.

Version history

VersionDateDescriptionAuthorApproved by
1.0May 8, 2026Initial versionCameron WolfeIshan Jadhwani