German regulation
Berechtigungskonzept (Authorization Concept)
A documented concept describing who has access to what systems and data, with which permissions, and under what constraints. Required by BAIT 5 for BaFin-supervised institutions.
In ITSMx
ITSMx generates the Berechtigungskonzept as PDF (for auditor handoff) and JSON (for machine processing), including roles, permissions, SoD constraints, and assignment history.
Informational only — not legal advice.