Use: per access grant to a critical/privileged system (or use the Linear ticket as the record). Owner: requester’s manager + system owner / IT. File as a Linear “Access” ticket. Frameworks: SOC 2 IAC-9 (access requests required), IAC-2; supports CC6.1–6.3. Implements Access Management. Vanta slot:
access-requests.One per request (or link the Linear ticket). Replace every variable.
Request
- Requester: {{requester_name}} · Role / team: {{requester_role_team}} · Date: {{request_date}}
- System / resource: {{system_resource}}
- Access level requested: {{access_level_requested}} · Business justification: {{business_justification}}
Approval
- Manager approval: {{manager_name}} · {{manager_date}}
- System owner / privileged-access approval (if privileged): {{system_owner_name}} · {{system_owner_date}}
- Role-based bundle or exception: {{bundle_or_exception}}
Provisioning
- Provisioned by: {{provisioned_by}} · Date: {{provisioned_date}}
- Access level granted (matches approval): {{access_level_granted}}
- Linear ticket: {{linear_ticket}}
Variables
| Variable | Description |
|---|---|
{{requester_name}} | Name of the requester |
{{requester_role_team}} | Requester’s role / team |
{{request_date}} | Date of the request |
{{system_resource}} | System / resource (e.g., AWS / Vault / Aurora / GitHub / M365) |
{{access_level_requested}} | Access level requested (role / privilege) |
{{business_justification}} | Business justification |
{{manager_name}} | Name of the approving manager |
{{manager_date}} | Date of manager approval |
{{system_owner_name}} | Name of the system owner / privileged-access approver (if privileged) |
{{system_owner_date}} | Date of system owner / privileged-access approval |
{{bundle_or_exception}} | Role-based bundle or documented exception |
{{provisioned_by}} | Who provisioned the access (IT / system owner) |
{{provisioned_date}} | Date access was provisioned |
{{access_level_granted}} | Access level granted (matches approval) |
{{linear_ticket}} | Linear ticket reference |