Latest
v4.0
Current
Annual
Major annual review. Restructured all role definitions to align with EverLeaf GmbH / L.L.C. entity split. Added GCP and Unifi as new in-scope applications. Consolidated Admin profiles under IT Administrator role.
18
Adds
6
Removes
11
Modifies
3
Renames
5 HIGH-RISK
v3.3
Quarterly
Q3 quarterly review. Added Slack Workspace Admin to IT Administrator role. Updated Salesforce permissions after CRM migration. Removed three inactive contractor roles.
5
Adds
3
Removes
4
Modifies
0
Renames
2 HIGH-RISK
v3.2-OOC
Out-of-Cycle
Emergency revocation of a former employee's Google Workspace Super Admin access following offboarding incident. Triggered out-of-cycle release per policy — HIGH-risk, privileged role, confirmed by DPO.
0
Adds
1
Removes
0
Modifies
0
Renames
1 HIGH-RISK
v3.2
Quarterly
Q2 review. Onboarded Marketing Specialist role with Squarespace and Hostinger access. Revised Jotform profiles to align with updated GDPR data minimisation assessment.
7
Adds
2
Removes
5
Modifies
1
Renames
1 HIGH-RISK
v3.0
Annual
Annual review following company restructure. Introduced formal Department taxonomy. Added Airtable and Make to RBAC scope. Defined entity-level access split (GmbH vs L.L.C.).
22
Adds
8
Removes
14
Modifies
5
Renames
7 HIGH-RISK
v1.0
Initial
First formalised RBAC document. Covered Google Workspace, Salesforce, Slack, and Jotform. Established baseline permissions for all active roles at time of writing.
31
Adds
—
Removes
—
Modifies
—
Renames
Origin