Run a privacy-focused access review for [BusinessUnit] across systems listed in [SystemListFile]. Identify excessive privileges to personal data, orphaned accounts, and SoD conflicts; recommend least-privilege changes.
Output format:
Findings summary (≤150 words).
CSV-ready table AccessReview with columns: System, User/Service Account, Role/Entitlement, Data Sensitivity, Justification, Anomaly (Y/N), Recommended Action, Owner, Due Date.
Remediation playbook with approval workflows and evidence requirements.
30/60/90-day targets aligned to [RiskThreshold] acceptance criteria.
Assume joiner-mover-leaver controls exist but are inconsistently applied.