A system and related methods for providing greater security and control over access to classified files and documents and other forms of sensitive information based upon a multi-user permission strategy centering on organizational structure. Based on the sensitivity or classification of the information being requested by a user, approvers are selected dynamically based on the work environment (e.g., mobility, use of the computing device seeking access, access policy, and the like). The selected sets of approvers are non-repetitive in nature, making it very hard to guess which approvers will be selected for a particular request.