Access controls hold a major role of security when comes to setting up a business. Access control protects the sensitive materials from being accessed by an unauthorized individual. It also ensures that inhouse materials are not being distributed to any outsiders and are kept in house only. While setting up procedures to create or modify access control an organization must bear in mind the type of individual who will implement the procedures. It might have to use simplified methods so that the user can have easy access to delete, correct or add any information. But simultaneously complex procedures should be implemented so that the users who are unauthorized cannot gain access and make any changes. If proper procedures are implemented then the system is prevented from getting compromised on basis of access miss management or simple mistakes. The very purpose of having access control policy is to make sure that the security requirements are well described to the developers, architects, designers and the support team so that the designing and the functionality of access control is implemented in a manner that is consistent.