I wanted to know if there was a policy template to allow IT system access. As we all know the IT department has the key to many kingdoms. I have to create a policy that even though they have access they still need permission to access sensitive data. Do you have anything in your archives that might help me or can point me in the right direction.