Role & Process Optimization
The person with the best idea of who should have access and what they should be able to access is the data owner or the supervisor, not the IT-administrator. By introducing a role concept for analyzing and granting access rights, you are introducing the data awareness concept and corresponding action into the company.
You can map the organizational chart of your company with the data owner concept and cover all departments. Then you assign employees to the individual data owners. The data owners analyze or assign access rights to their staff.
An employee can use the ARM GrantMA to request access rights via a Web portal. The data owner then decides on the access rights in the department with a simple workflow.