Explain your process for auditing system security roles and ensuring sensitive employee data is only visible to authorized users.