Wilmore Holdings Inc.

Access Control Policy

Least Privilege

Access to systems and personal data is granted only to authorized personnel based on role and operational necessity. Users receive the minimum permissions required to perform assigned tasks.

Access Provisioning

• Access requires a valid business need.
• Administrative privileges are restricted and limited.
• Shared credentials are avoided where possible.

Access Review

Permissions are reviewed periodically and adjusted when roles change or access is no longer required.