The problem that we address is the inability of businesses to correctly and completely specify what an automated Identity Management and Access Control (IMAC) solution must do within their organisation. This paper reports on experiments with a tool that, from a given set of business rules, generates a functional specification as well as code for a software component that provably enforces each rule. This tool allows a business architect to experiment with different sets of IMAC rules (policies) so as to find the most appropriate set of rules for the business context. Creating a demo around the generated software component provides hands-on proof to the business that they can understand. New to our work is the use of relation algebra, which provides a way to build and prove IMAC policies simultaneously. On a larger scale, this approach may help to solve cross-domain identity issues e.g. between governmental organizations.