Entity ensures that logical access provisioning to critical systems requires approval from authorised personnel on an individual need or for a predefined role