Once the authorization concept is designed, the actual implementation of the concept must be carried out. Usually this phase can be performed by the authorization consultant or team independently from the business, if the authorization matrix and the organizational values are agreed upon with all involved parties.

The implementation can be done manually or if necessary with automated tools. At the end of the implementation phase the authorization concept has to be tested to correct errors before going live.