Electronic records that contain the information used in the user authorization process. Usually, access controls record what users, groups, and roles can perform what operations on a given set of resources (such as files, database records and fields, network connections, and so on).
