...it's right in your document:
"Die Auswertung personenbezogener Protokolldaten muss also immer im Vier-Augen-Prinzip, unter Beachtung der personalrechtlichen Beteiligungspflichten und unter Einbeziehung der organisationseigenen Datenschutz- und IT-Sicherheitsbeauftragten, erfolgen."
Similarly:
"Report Users – These users have access to certain data elements for the purpose of performing ad hoc querying and reporting, but they are limited in the types of processes they can perform on the data."
https://support.sas.com/resources/papers/proceedings14/SAS39..."[...] stores business intelligence objects such as dashboards, dashboard pages, folders, and analyses. Users can view only the objects for which they are authorized. [...] These [...] roles control which subject areas and analyses that a user can access and what data a user can see in [...]. The predefined [...] roles provide permissions to view but not create analyses and reports. [...] The Transaction Analysis Duty roles control which subject areas and analyses a user can access and what data a user can see."
https://docs.oracle.com/en/cloud/saas/sales/r13-update17d/os...