Designing a strategy for role assignment and delegation
Managing role assignments and how users are delegated access to resources can be a source of concern for security and governance. To alleviate the issue of users requesting access and being assigned a role on a one-to-one basis, planning a strategy for role assignments by groups of users creates a more manageable environment.
Security groups can be created for departments or project groups that include dynamic assignments. These groups can be assigned the roles defined by management and supervisor stakeholders for members of the groups. When a user is then manually or dynamically assigned to that group, they inherit that role. When users are removed from the group, the role no longer is available to them. This allows you to better manage and govern the access levels and roles that users in your company have to resources. The differences between Microsoft 365 groups and security groups can be found at this link: https://learn...