Bringing structure and control to authorisation management in a customer information system
A RBAC role model was designed for a critical customer information system. The result delivered clearer access governance, lower compliance risk and documentation ready for internal use and future audits.
Departments
5
Work location
Hybrid
Specialism
PMO, risk & compliance
Brabant Water supplies drinking water to more than 2.7 million people across Noord-Brabant. Its customer information system supports multiple departments and roles, and over time the authorisation landscape had become increasingly complex.
Access had grown organically, accountability was unclear and the organisation lacked a structured framework to understand and improve the situation.
The challenge
The existing setup provided too little visibility into who had access to which functionality and on what basis. Conflicts of interest, gaps in control mechanisms and limited auditability meant the system no longer met internal compliance requirements or the expectations of external auditors.
Blackbear's role
The assignment was scoped at the intersection of operations, risk management and compliance. Blackbear engaged a specialist with proven experience in RBAC implementations within regulated environments and helped structure collaboration across the relevant internal departments so the outcome would be both credible and practically usable.
Result
The engagement delivered a fully developed RBAC role model, including a risk matrix linked to roles and access rights. Stakeholders across Legal, Audit & Risk, Finance and Functional Management were involved throughout, and the final implementation plan and documentation were ready for transfer and future audits.
