Badge Issuance, Duration, and Return Controls Design
N.B. If baselines are unknown, mark “TBD” and state the data gap and owner. Ensure objectives are measurable within [Timeframe] and directly traceable to the ABC outputs.
📄 Prompt Template
Define end-to-end controls for visitor badges across [BadgeTypes] using [VMSName]. Design processes for identity verification, badge activation duration, area restrictions, badge inventory management (reorder at [BadgeStockThreshold]), and exit reconciliation with a data retention period of [RetentionPeriod]. Specify exception flows requiring approval by [ExceptionApprover]. Output format: (1) Control objectives and risk statements. (2) Process map steps (request → approval → issuance → escort → return → reconciliation). (3) Data fields dictionary (PII minimization, mandatory/optional). (4) System configurations (auto-expire, anti-passback, alerts). (5) Exception handling SOP and approval matrix. (6) Control testing procedures and evidence artifacts. Include lost badge response and periodic stocktake method.