Definition

Access controls mean the policies, rules, and technical measures used to manage who can view, modify, or interact with specific systems, files, or data. They help protect sensitive information by ensuring that only authorized users can access or perform certain actions.

In governance and board operations, access controls are essential for maintaining confidentiality, especially when dealing with board materials, financial data, or strategic documents.

Types of access controls

Access controls are generally categorized into:

  • Role-based access control (RBAC): Permissions are granted based on a user’s role (e.g., director, auditor, legal counsel).
  • Discretionary access control (DAC): Resource owners define who has access to what.
  • Mandatory access control (MAC): A system-wide policy enforces strict rules based on classification levels.
  • Attribute-based access control (ABAC): Access is granted based on user characteristics and context (e.g., department, location, time).

Why access controls matter

The purpose of access controls is to:

  • Limit exposure of confidential information
  • Prevent unauthorized access or misuse of data
  • Support compliance with privacy laws and security standards
  • Ensure proper information flow within the organization
  • Enable secure collaboration across teams and roles

In board portals, access controls help ensure that directors, committee members, and support staff only see the information relevant to their roles.

Quick summary

  • Access controls mean the methods used to restrict and manage data access
  • They help protect sensitive board materials, financials, and legal documents
  • Common models include role-based, mandatory, and attribute-based controls
  • Critical for secure digital governance and compliance

Related terms

Browse Terms by letter

  • C
  • D
  • E
  • F
  • G
  • H
  • I
  • J
  • K
  • L
  • N
  • O
  • P
  • Q
  • R
  • S
  • T
  • U
  • V
  • W
  • X
  • Y
  • Z