The Service Request Handler would need to verify the request for access at two levels.

The initial level of verification should be done to ensure that the requester is authentic and is authorized enough to request for access. In order to check this, the Service Request Handler would obtain the user credentials and ratify the same against the details maintained in the system database. In some engagements, there could be certain sensitive services that would require further identification in terms of biometric, use of an electronic access key or encryption device, etc.

Once the user credentials are assessed and it is confirmed that the requester is authentic, the Service Request Handler must ensure that that the requester has a legitimate requirement for access to the requested service/service component. Security policies can be referred to verify if the requester is authorized for the access. The Change Management process would include a review of access requests while evaluating RFCs submitted for approval.

In case of invalid request, Service Request Handler should inform the requester on the same.