Access control is a critical component of modern information security systems, ensuring the protection of sensitive resources in increasingly complex organizational environments. This study presents the design and implementation of a scalable, flexible, and security-centric access control system based on Role-Based Access Control (RBAC). The proposed system integrates essential features such as user registration, authentication, RBAC-driven authorization, and secure data handling. To enhance protection, the design employs multiple security layers, including Django's built-in safeguards against SQL injection, CSRF, and XSS, as well as Fernet encryption for sensitive data and OTP-based authentication for strengthened login security. The solution demonstrates strong compliance with web security best practices while maintaining usability and performance. Furthermore, it provides a foundation for future enhancements such as activity tracking, fine-grained authorization, and machine learning integration for access pattern analysis. The results highlight RBAC's effectiveness in managing user permissions, reducing insider threats, and supporting regulatory compliance, making the system suitable for diverse organizational contexts.