Individual or collective commands, instructions or other requests to modify or adjust identities or the access rights
register. Such directives are usually the result of monitoring patterns of identity and access behavior as well as from
security monitoring data.