NPU Identity Access Management Guidelines

Hi everyone,

We are currently trying to gather guidelines for the management of our NPU-Users (Non-Personal Users) to avoid case-specific discussions.

I would be interested how other CoEs handle the Access Management of NPU-Users, as our security department is quite strict providing access rights to NPU Users. How do you avoid creating NPU “Super-Users” having access rights for several systems and networks? Are you working with different Users per Use Case / Department? If so, then how is this reflected in the Developer Accounts?
Do you have any overall guidelines in place for which systems can be given access rights to NPU Users or is there case-based discussion?

Any sharing of tips or best practices would be helpful.

Thank you very much!

Regards Nico