Access privileges can also be defined by membership in a group. In the Groups, you can define the groups by combining privileges with roles. For example, users with the right to manage incidents (role Security Operator) get access to the control room in different shifts (privileges). For this you need authorization for the administration of groups.
You can assign approvers for the groups used in Self services > Requests for access requests. When a Self-Service User makes an access request for the group, the assigned approvers based on the selected approval mode need to approve the request. The assigned approvers receive an email notification regarding the request creation and request approval.
For more information on Self services, see: Self services.