Versionen im Vergleich

Alte Version 14

changes.mady.by.user Joerg Mattes

Gespeichert am

verglichen mit

Neue Version Aktuell

changes.mady.by.user Beatrice Kofmel

Gespeichert am

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.

...

for AreaX
PermissionEnduserViewerExpertAdminIT Support
(ENDUSER)(VIEWER)(EXPERT)(ADMIN)(IT_SUPPORT)
Example employee position -->Normal userInternal AuditICS ResponsibleAdminIT Support
Read Control Setup
XX
X
Edit Control Setup

X
X
Read Control TaskX 11)XX
X
Provide support for Control Task 8)



X
Edit own/delegated Control TaskX



Submit own/delegated1) Control TaskX



Read ReportX 13)XX
X
Edit Action/Report

X
X
Create ActionX2)
X
X
Read ActionX 11)XX
X
Provide support for Action 8)



X
Capture implementation progressX3)
X
X
Close ActionX4)


X
Read Risk/Process
XX
X
Edit Risk/Process

X
X
Link Risk/Process

X
X
Read Risk AssessmentXXX
X
Edit Risk Assessment

X
X
Switch User



X
Edit DeputationX

XX
Read User Rights


XX
Edit User Rights


XX
Edit Employees/OrgUnitsXXRead AreaXXCreate Area


XX
Edit AreaXXXEdit System Configuration


XX
Read System Parameter/BatchJobs


XX
Edit System Parameter/BatchJobs



X
Read IncidentsX 11)X 12)X 12)
X
Edit Incidents

X 12)
X
Read Document  9)X 11)XXXX
Edit (central) Document  9) 10)


XX

...

X
Berechtigung


Control ExpertControl ViewerAction ExpertAction ViewerRisk ExpertRisk ViewerIncident ExpertIncident ViewerDocument AdminDocument ViewerUser AdminSystem AdminCoordinatorControl CoordinatorAction Coordinator

(CONTROL_
EXPERT)

(CONTROL_
VIEWER)

(ACTION_
EXPERT)

(ACTION_
VIEWER)

(RISK_
EXPERT)

(RISK_
VIEWER)

(INCIDENT_
EXPERT)		(INCIDENT_
VIEWER)

(DOCUMENT_ADMIN)*

(DOCUMENT_VIEWER)*

(USER_
ADMIN)		(SYSTEM_
ADMIN)		(COORDINATOR)(CONTROL_
COORDINATOR)		(ACTION_
COORDINATOR)
Hints -->IcS (Internal Controls)IA (Issues & Actions)Risk ManagementOperationel IncidentsDMS (Documents)AdministrationRarely used
Read Control SetupXX









XX
Edit Control SetupX













Read Control TaskXX









XX
Provide support for Control Task 8)











XX
Edit own/delegated Control Tasks














Close own/delegated1) Control Tasks














Read Report

XX










Edit Action/Report

X











Create Action

X











Read Action

XX







X
X
Provide support for Action 8)











X
X
Capture implementation progress

X








X
X
Close Action











X
X
Read Risk/Process



XX








Edit Risk/Process



X









Link Risk/ProcessX
X
X









Read Risk Assessment



XX








Edit Risk Assessment



X









Switch User











XXX
Edit Deputation









X
XX5)X6)
Read User Rights









X
XXX
Edit User Rights









X



Edit Employees/OrgUnitsXRead AreaXXXCreate AreaXEdit AreaX









X



Edit System Configuration










X


Read System Parameter/BatchJobs










X


Edit System Parameter/BatchJobs










 X


Read Incidents





X 12)X 12)






Edit Incidents





X 12)







Read Document 9)XXXXXXXXXXXXXXX
Edit (central) Document 9) 10)








X





...

1) if delegated including Submit
2) if action type allows creation by Enduser
3) only if "May Edit" checkbox is selected for Action Owner
4) only if "May Edit" checkbox is selected for Action Owner & Enduser = Primary Action Owner
5) only for Controls
6) only for Actions
8) via Switch User
9) Scopes are: OrgUnit
10) Relevant for «central» documents – for attachments (e.g. of Tasks / Actions, ...) this right is not 
11) with own OrgUnit
12) checked are Area AND Incident Type or OrgUnit AND Incident Type 
13) only if the Enduser receives "additional read right" in a specific Report

...

Depending on the role it is possible to limit the reach of the role via scopes.
This way, user rights can be given for a certain area part in the organization in accordance with the "Need-to-know" principle. 

...

ScopeExplanationDetails und hints
OrgUnitspecifies for which OrgUnit the role is given (hierarchical scope)multiple selection possible
Areaspecifies for which Area the role is given (hierarchical scope)multiple selection possible
Incident Typeslimits the role to certain incident types only relevant für module OpLoss (Operational Incidents)
Risk Assessment-Typenlimits the role to certain risk assessment types this scope is combined with OrgUnit and Area
Document-Typenlimits the role to certain document types only relevant for module DMS

...