Roles and permissions matrices provide coverage of activities. They designate responsibility, define roles and identify the missing ones, and communicate the results of a planned change.


The Process of assigning roles and permissions

  • Identify roles
  • Associate roles and activities related to the solution
  • Designate who is authorised to carry out activities


Some sectors call this matrix a ‘verification requirement’ or an ‘audit requirement’.

The matrix takes the form of a table connecting activities to work groups and roles (here the example is for a software system). In general, roles are in the columns and activities in the rows.

The role
Used to name a group of individuals with common functions.

The function
A function is one or more activities related to the solution. One or more roles can undertake an individual activity. Each person to whom this authority is assigned can perform the associated activity.

Why use a role and authority matrix?


  • Stabilises and streamlines the initiative’s processes.
  • Secures data by limiting access.
  • Allows audit logs to freely consult information about the rights assigned. This ensures transparency of action history.
  • Assigns roles according to business needs.
  • Prevents the undertaking of an activity by an unqualified person.
  • Identifies key roles within an organisation.

How to use a role and authority matrix?




Read more by subscribing to the BA Toolkit 

On top of the brief description of the method, access to:

  • an explanation of when and how to use it,
  • a practical example,
  • tips and recommendations for use,
  • downloadable checklists and templates,
  • references for further reading,

Table of contents

Latest techniques


Not yet a member?

Plan de travail 1

For you today

our document on the 6 steps to do a SWOT analysis!

Type in your information and get access to the document


Well Done,
You can access the pdf!

Feel free to follow our link and learn more about the BA Toolkit.