You can try using generic key strategy. Try something like:

Section Access;
Load * Inline [
USERID, ACCESS, SAL_FLAG
ADMIN, ADMIN,
CIO, USER, EMP1_WITH_SAL
CIO, USER, EMP2_WITH_SAL
CIO, USER, CEO_NO_SAL
];
Section Application;
	 
t1:
Load *,
	 EMP&'_'&'WITH_SAL' as SAL_FLAG
Inline [
EMP, ADDRESS, SAL
CIO, ABC, 99
CEO, XYZ, 101
EMP1, MNO, 11
EMP2, BCD, 22
];
t2:
Load EMP, ADDRESS,
	 null() as SAL,
	 EMP&'_'&'NO_SAL' as SAL_FLAG
Resident t1	where EMP='CEO' ;

 For more complex scenario handling, have a look here:

https://community.qlik.com/t5/Qlik-Design-Blog/Basics-for-complex-authorization/ba-p/1465872

https://community.qlik.com/t5/Qlik-Design-Blog/Authorization-using-a-Hierarchy/ba-p/1476319