July 25, 2022
Information on how to tune (configure) security for your organisation’s application.
The information individual users have access to in your organisation’s application is determined by:
- Their organisational security roles.
- The access managers of initiatives (programmes, projects, activities, services) have given them.
Note that the application also has a log which tracks who has triggered important actions such as launching a project, adding a risk etc.
Define organisation security roles
When you add someone to the application, you assign them a security role. This roles determines what information they can view without having been specifically added to an initiative. There are a small number of default security roles: Super User, Standard User, External Access. These can be modified or added to.
Navigate to business configuration
Access to Business Configuration is via the top level Horizontal Navigation Bar.
Modify or add a security role
The screenshots below show you how to modify or add security roles.
Definitions of individual security actions
| Global actions | Definitions |
|---|---|
| Configure Application | Allows you to configure all code tables (eg initiative status, category, custom fields). Also allows you to configure the Organisation Settings under Global Configuation. |
| Configure Finance | Allows you to configure the Finance Settings in Business Configuration. In addition it allows you to import financial information and override actuals in project budgets. It also allows you to import and export timesheets. |
| Configure Initiatives | Allows you to configure the non code table information in the Initiatives setting in Business Configuration (eg project number prefix and project lifecycles). |
| Configure Resourcing | Allows you to configure the Resource Settings in Business Configuration. |
| System Admin | Allows you to configure Organisational Security Roles. You can also reset user passwords and import resources. |
| Organisational actions | Definitions |
|---|---|
| Documents: Manage | Allows you to create, modify and delete documents stored at the organisational level. |
| Documents: View | Allows you to view organisational documents. |
| Events and Meetings: Manage | Allows you to create, modify and delete organisational level meetings and events. |
| Events and Meetings: View | Allows you to view organisational level meetings and events. |
| Ideas: Manage | Allows you to create, modify and delete ideas. |
| Ideas: View and Create | Allows you to create and view ideas. |
| Strategic Drivers: Manage | Allows you to create, modify and delete strategic drivers. |
| Strategic Drivers: View | Allows you to view strategic drivers. |
| Group & initiative actions | Definitions |
|---|---|
| Groups: Manage | Allows you to create, modify and delete Groups and Teams. |
| Groups: View | Allows you to view Group and Team data. This includes Organisation Dashboards. |
| Groups: View Finance | Allows you to view Group financial data. |
| Concepts: Manage | Allows you to create, modify and delete Concepts, including priority and investment profiles. |
| Concepts: View | Allows you to view Concept data, including the Concept List. |
| Initiatives: Create | Allows you to create programmes, projects, activities and business services. |
| Initiatives: Manage | Allows you to administer and delete Programmes, Projects, Activities and Services. |
| Initiatives: Manage Value | Allows you to create, modify and delete Benefits, Investment Profiles, Prioritisation and Stakeholders. |
| Initiatives: View | Allows you to view initiative data, except for financial data, for Portfolios, Programmes, Projects, Activities and Services. |
| Initiatives: View Finance | Allows you to view financial data, for Portfolios, Programmes, Projects, Activities and Services. |
| Portfolios: Manage | Allows you to create, modify and delete Portfolios. |
| Reports: Configure Templates | Allows you to create, modify and delete templates for Programme Reports and Project Reports. Note that the report will only show the data which the person generating the report has access to. |
| Reports: CSV Extracts | Allows you to generate CSV Extract Reports. Note that the report will only show the data which the person generating the report has access to. |
| Reports: Resource Management | Allows you to generate Browser-Based Reports on resource management. Note that the report will only show the data which the person generating the report has access to. |
| Reports: Risks and Milestones | Allows you to generate Browser-Based Reports on risks and milestones. Note that the report will only show the data which the person generating the report has access to. |
| Reports: Timesheets | Allows you to generate Browser-Based Reports on timesheets. Note that the report will only show the data which the person generating the report has access to. |
| Resources: Edit or Approve Timesheets | Allows you to edit or approve any Timesheet. |
| Resources: Manage | Allows you to create, modify and delete Resources. Does NOT allow you to see or manage resource cost information. Also lets you delete or edit Conversations and approve any Timesheet. |
| Resources: View | Allows you to view resource data, excluding resource cost information. |
| Resources: View Costs | Allows you to view resource cost information. |
| Resources: Manage Costs | Allows you to view, create, edit and delete resource cost information. |
| Search and Browse Initiatives | Gives you access to the organisational directory of Initiatives. You are only able to access the name, not the detail of the initiative. Also lets you find names of items within Initiatives via the search function, unless the initiative has been flagged as sensitive. |
Access to initiatives
Managers of initiatives define security for the people they add to their programme, project, activity or service. Other people with access will be those with access to a parent initiative or those who have access as a result of their organisational security role. For more information, see the tutorial on managing People assigned to initiatives.
Track important actions
The system has a log which tracks who has triggered important actions such as launching a project, adding a risk etc. This shows on the Log for the life of the item and is used to give you context and accountability for the current status of the item.
