Provide two examples of a recent access request and approval (ticket, email etc) to grant employee access to a critical or privileged system. An example of a system would be any system vital to the functioning of internal and external business, such as your HRIS (e.g., BambooHR), your infrastructure cloud platform (e.g., AWS), or CI/CD platform (e.g., Jenkins) and requires an additional level of role-based access control to operate various functionality within the system itself (e.g., regular user, editor, admin, super admin).
Guidance: The best practice is to track and document approvals through tickets. However, if tickets aren't being utilized, email threads and/or a manual access request form may also be acceptable. Here's a sample access request form: Google docs template / Docx template.
Controls
ISO 27001 - A.5.15
ISO 27001 - A.5.16
ISO 27001 - A.5.18
ISO 27001 - A.8.2
ISO 27001 - A.8.3
Controls
ISO 27001 - A.5.15
ISO 27001 - A.5.16
ISO 27001 - A.5.18
ISO 27001 - A.8.2
ISO 27001 - A.8.3