IAM is crucial in managing DAO members and their authorisation levels. As DAOs expand, they can:

• Form multiple groups akin to departments, each with defined responsibilities, permissions, and security policies.

• Configure access rights which control the way members join and leave these groups. These can be configured to allow open access or invite only.

• Configure security policies for the group that control the requirements for digital signatures to authorise the documents or transactions for which the group is responsible.

• Assign members to these groups, granting them corresponding rights.

For example, a finance group might have specific responsibilities, permissions up to a certain transaction limit in Tonomy Pay, and security policies requiring multifactor authentication for authorisations [Ref #8].