Platform: Risk Assessment Platform
Applies to: Super Admin and Company Admin Users
User and Permissions Management
There are 2 functions within the User Access Controls menu:
These features allow Super Admin or Company Admin users to create users and assign them one or more roles that define what functions and information they can access within the platform.
A set of out-of-the-box (global) roles exist and can be viewed in the Application Role screen to determine which roles are most appropriate for each user.
- Super Admin - Reserved role. Manages settings, application configuration, company accounts, users and global content. Has view-only access to Risk Assessments.
- Company Admin (CA) - Manages settings, company account, users and content for the company. Has view-only access to Risk Assessments.
- Approver (EU) - Managers content for the company and has full access to Risk Assessments, including the ability to approve risk factors, archive and unpublish.
- Standard (EU) - Can view content setup for the company and has full access to Risk Assessments but not the ability to approve risk factors, archive or unpublish.
- Client (EU) - Can view risk assessments and enter information into the assessment units.
- View Only (EU) - Can view content setup for the company and can view risk assessments. No ability to update or edit.
- For Restricted - Intended for use with the "Restricted" setting. Restricted users cannot see any assessments or assessment units other than those in which they are set as "Owners" (in the Assessment Unit Details window). For those assessment units, they can enter and submit information on the Context, Risk Analysis, and Controls Assessment pages.
Every company must have at least one Company Admin.
When multiple roles are assigned to a user, they receive all enabled permissions from both roles.
Newly invited users who have not yet activated their accounts (pre-activation users) can be set as Assignees on risks or controls, and those with the 'Restricted' setting can also be set as Owners on Assessment Units.
User Security Management
The purpose of this feature is to allow Super Admin and Company Admins to manage users for a company.
Actions that can be performed:
- Add new users - Add users to the company by pressing the Add button () and completing the details:
- Enter the user's email OR network username if different to their email when single sign-on (SSO) authentication is enabled
- Enter the user's first name and last name
- Select one or more permissions.
- To save the details and send an invitation email to the user, press the Save button ();
- To save the details but NOT send the invitation email (i.e. if SSO is enabled) unselect the email checkbox () and then press the Save button ().
- Reset password - Press the Reset button () to send the user a Reset Password email.
- Resend invitation - Press the Email button () to re-send the invitation email.
- Archive - Press the Archive button () to archive the user.
- Edit - Press the Edit button () to edit the user settings:
- Deactivate/activate - Select or unselect the Active checkbox to remove or enable access.
- Assign roles - Select or unselect the role checkboxes to add/remove roles to/from the user.
Note: If the user is to be restricted to specific Assessment Units, select the "Restricted" setting and the "For Restricted" role. Unselect all other roles. Do not select this setting and role otherwise.
Application Role Management
This feature allows Company Admin users to define roles with permissions for features and information a user can access.
Enabling or Disabling Permissions
The Risk Assessment Platform has out-of-the-box (Global) roles and permissions.
- Super Admins can change these roles or add more roles.
- Company Admins can create more roles at the company level.
The permissions enabled/disabled within each role determine what functions users with that role can perform and what information they can see within the application.
Before configuring roles, Company Admins should decide:
- What are the appropriate roles for their organisation (and/or their clients)
- What permissions should be enabled and what permissions should be disabled
The Global roles and their permissions:
Working with Roles
Create a New Role
Click the Add New Role button and enter the role name and description, then click the Create button to add a column for the new role. Select the permissions for the new role using the checkboxes.
Edit a Role
To edit permissions of the role, use the checkboxes. The changes are automatically saved.
To edit the name or description, press the Edit button (), make the change and then press the Save button.
Delete a Role
To delete, click the delete button ().
Please sign in to leave a comment.