Which account typically has broad privileges on a system?

Access control on a system revolves around roles with different levels of permission. The account designed to manage and configure the entire machine—install software, change security settings, modify system files, and override protections—has broad, system-wide privileges. That is the administrator account. Regular users have only the minimum rights needed for their tasks, which protects the system from accidental or malicious changes. Guest accounts are even more restricted and often have very limited access. A power user sits between regular users and administrators in some environments, granting more rights than a regular user but not the full control of an administrator, and in modern setups this role is less emphasized. So, the administrator account is the one with broad privileges.