# Permission model workbook

Use this workbook to translate organizational policy into AI retrieval, tool-use, and approval behavior.

## Permission matrix

| Role | Data access | Tool access | Action limit | Approval threshold | Audit visibility |
| --- | --- | --- | --- | --- | --- |
| Requester |  |  |  |  |  |
| Reviewer |  |  |  |  |  |
| Operator |  |  |  |  |  |
| Administrator |  |  |  |  |  |

## Design checks

- Separate reading an answer from taking an action.
- Enforce least privilege by role, task, data class, and environment.
- Require approval for money movement, identity changes, legal commitments, healthcare actions, and external messaging.
- Log denied requests as product signals, not just security events.
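
One way the design checks above could be enforced, as an added example that is not part of the original workbook: a deny-by-default decision function that keeps read and action grants separate, scopes each grant by role, task, data class, and environment, gates the listed action categories on approval, and records every denial. Role names follow the matrix; the grant table, the task names, `decide`, `denial_signals`, and the no-self-approval rule are assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass

# Action categories that the design checks say require approval.
APPROVAL_REQUIRED = {"money_movement", "identity_change", "legal_commitment",
                     "healthcare_action", "external_messaging"}

@dataclass(frozen=True)
class Grant:
    role: str
    kind: str          # "read" (retrieve an answer) or "action" (tool call with side effects)
    task: str
    data_class: str
    environment: str

# Constructed sample grants. Deny by default: anything not listed is refused.
GRANTS = {
    Grant("requester", "read", "answer_question", "internal", "prod"),
    Grant("operator", "read", "answer_question", "internal", "prod"),
    Grant("operator", "action", "update_ticket", "internal", "prod"),
    Grant("operator", "action", "external_messaging", "internal", "prod"),
}

DENIED = []  # every denial is kept, with its reason, for later review

def decide(user, role, kind, task, data_class, environment, approved_by=None):
    """Return 'allow', 'needs_approval' or 'deny' for a single request."""
    request = Grant(role, kind, task, data_class, environment)
    if request not in GRANTS:
        return _deny(request, "no_matching_grant")
    if kind == "action" and task in APPROVAL_REQUIRED:
        if approved_by is None:
            return "needs_approval"
        if approved_by == user:  # assumption: self-approval is not allowed
            return _deny(request, "self_approval")
    return "allow"

def _deny(request, reason):
    DENIED.append((request, reason))
    return "deny"

def denial_signals():
    """Count denials by (role, kind, task, reason) to surface unmet needs."""
    return Counter((r.role, r.kind, r.task, why) for r, why in DENIED)
```

The counts from `denial_signals()` are what a product review would read: a task that is denied often for one role points to either a missing grant or a confusing interface.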

## Output

A reviewable permission model that engineering can enforce and control owners can audit.
