Role-based Access Control
 
“Role-based Access Control seems really hard to do in small businesses. How do you do it?”
Since my organization consists of one employee who wears all the hats (me), I'll use my wife's business as an example. She operates a private gymnastics training facility, and so has many employees with different roles (coaches of a range of experience and responsibility, administrative workers, directors, etc.).
Every employee gets a network account that allows them to log on to any of the workstations in either the front or back office, in order to surf the web, access their personal web-based email, do word processing and the like.
Directors are given corporate email accounts from which they can conduct official corporate business (in the business' name), and are given physical keys to the gym.
Front office (administrative) staff are typically given corporate email accounts as well, and keys to the gym, but also are provided with accounts in the class management system (to be able to register students, etc.).
The front office manager (also a Director) is given administrative access to the class management system, and holds both administrative and physical access to the network in escrow.
Notably: even though my wife is the President and CEO of this small corporation (~900 students, ~30 employees), she has administrative access neither to the network nor to the class management system. That is not her role. She also does not have physical access to the network or server equipment. (She's not even an administrative user on her own laptop.)
Likewise, as the only VP, I have complete physical access to all facilities, and as the systems and network administrator I have administrative and physical access to all systems. But I do not have administrative access to the class management system. That's not my role (though I can easily obtain it for the purposes of oversight if need be).
I think we're doing this "right" these days, though we didn't always (and most small businesses like hers still don't, in my humble experience). We still have a need for "trusted" individuals in certain roles where a very small staff can't support segregation of duty or redundancy.
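The scheme above is a small hierarchical RBAC policy: a base role everyone holds, roles that inherit from it, users who hold more than one role, and a couple of places where one person has to be "trusted" because the staff is too small to separate duties. The following is an added example (written by the editor, not part of the original post or of any system the gym runs) that models it in Python. Role names, permission names, the user list and the two separation-of-duty rules are assumptions chosen to mirror the post; in particular the post says only what the President does not have, so her role is modelled as an ordinary employee account and nothing more.

```python
"""Hierarchical RBAC model of the access scheme described in the post (added example).

Roles inherit from parent roles; a user's effective permissions are the closure
over the role graph. A separation-of-duty (SoD) check flags users who hold a
set of permissions that policy says should not sit with a single person.
All names below are assumptions chosen to mirror the post, not a real policy.
"""

# role -> (directly granted permissions, parent roles it inherits from)
ROLES = {
    "employee":             ({"network_login"}, set()),
    "director":             ({"corporate_email", "gym_keys"}, {"employee"}),
    "front_office":         ({"corporate_email", "gym_keys", "cms_user"}, {"employee"}),
    # The front office manager is also a Director; holds CMS admin plus the
    # escrowed network admin credentials (break-glass, not day-to-day use),
    # which is why escrow is modelled as a distinct permission.
    "front_office_manager": ({"cms_admin", "network_admin_escrow"},
                             {"front_office", "director"}),
    # The post lists only what the CEO does *not* hold; beyond an ordinary
    # employee account we assume nothing else (assumption).
    "ceo":                  (set(), {"employee"}),
    "vp":                   ({"facility_physical"}, {"employee"}),
    "sysadmin":             ({"network_admin", "server_physical"}, {"employee"}),
}

# user -> assigned roles (constructed to mirror the post)
USERS = {
    "president":  {"ceo"},
    "jonathan":   {"vp", "sysadmin"},
    "fo_manager": {"front_office_manager"},
    "coach":      {"employee"},
}

# Illustrative SoD rules (assumption): one person should not both administer
# a system and have physical access to its hardware, and nobody should be
# admin of both the network and the class management system.
SOD_RULES = [
    frozenset({"network_admin", "server_physical"}),
    frozenset({"network_admin", "cms_admin"}),
]


def effective_permissions(role, _seen=None):
    """Permissions granted by `role` plus everything inherited from its parents."""
    seen = set() if _seen is None else _seen
    if role in seen:            # guard against cycles in a misconfigured hierarchy
        return set()
    seen.add(role)
    direct, parents = ROLES[role]
    perms = set(direct)
    for parent in parents:
        perms |= effective_permissions(parent, seen)
    return perms


def user_permissions(user):
    """Union of effective permissions over every role assigned to `user`."""
    perms = set()
    for role in USERS[user]:
        perms |= effective_permissions(role)
    return perms


def can(user, permission):
    """Access check: does `user` hold `permission` through any assigned role?"""
    return permission in user_permissions(user)


def sod_violations(user, rules=SOD_RULES):
    """Return the SoD rules `user` violates, i.e. rule sets fully held by the user."""
    held = user_permissions(user)
    return [rule for rule in rules if rule <= held]


if __name__ == "__main__":
    for user in USERS:
        print(f"{user:12} {sorted(user_permissions(user))}")
        for rule in sod_violations(user):
            print(f"{'':12} SoD conflict (trusted individual): {sorted(rule)}")
```

Running it shows the two properties the post describes: the President cannot reach `network_admin` or `cms_admin`, and the VP/sysadmin cannot reach `cms_admin`. The SoD check flags exactly one person, the VP/sysadmin, who holds both network administration and physical access to the servers; that is the "trusted individual" compromise the post mentions. The front office manager is not flagged, because the escrowed credential is a different permission from live `network_admin`; if the escrow were ever exercised, a real policy would record that as a break-glass event rather than quietly widening the role.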
/jonathan
Weblog Entry
Monday, July 2, 2007
 
Entry Notes
Category: Sometimes it’s difficult
Event: Typical student question.
Weather: WTF? 100F in MT?!
Other Details:
Man is it hot. Hot, hot, hot, hot, hot. The plural of “anecdote” is not “evidence,” so this isn’t proof of global warming, right? But Holy Jesus is it hot here. In Montana.