The first step to take when designing a networked Information System (IS) where there will be several different types of individual access is to create a user access matrix. A user access matrix is a table that defines the access rights and permissions of each user or user group to each resource or function in the system. A user access matrix helps to ensure that all access control requirements are addressed, such as the principle of least privilege, the principle of separation of duties, and the principle of need to know. A user access matrix also helps to simplify and standardize the implementation and administration of access control policies and mechanisms910. References: 9: Access Control Matrix1110: Access Control Models and Methods12