A distinction must be made between security levels within the IT landscape when considering privileged access secret authentication information, where a logical distinction is made at least for user endpoints, network access-layer, network core, server-administrator and domain administrator.
Specification
There is a security architecture which describes the segments and this architecture is implemented.
ISO 27001 & 27002:2022
A8.2,
A8.5,
A8.15,
A8.20,
A8.21,
A8.22
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel)
SM.11 Network security
ID.03 Super users