The purpose of the security management feature allows Company Administrators and authorised users to define the Application Roles that exist in the Health Check and then assigning the specific features that can be enabled or disabled, which will then restrict the users with the specific role permissions to be able to perform the functions within the Health Check relative to the permissions of what they have been authorised to do.
For example, an auditor role could be granted permissions to modify compliance ratings and add auditor comments but an end user could have permissions disabled so they are unable to modify this section of the main assessment page.
The role permissions should be agreed as an initial deployment activity.
Application Role Management
There are 5 default roles in the Health Check:
- Senior Management
- Junior Management
The Health Check contains over 100 features that can be enabled or disabled for a user with permissions attached to the role.
An additional feature allows a Company Administrator to create a new role and then assign permissions to that role.
User Security management
User security management is for defining the roles that a particular user is authorised to perform which is linked to the application permissions described above.
Features that can be performed:
- Activate/deactivate user
- Assign application roles
- Assign explicit permissions
Users can also be invited from this page using Invite users which will open a pop-up window.
An invitation email will be sent to the email id with the information on how to register with Health Check Platform.