Roles Enhancements

The two roles at higher level for all applications are:

Auditor has only view access to all modules of the company except Restricted Records.
Administrator has access to activate or inactivate users including new users setup and manage designation, department, location, non-system users and users modules access etc.

The other roles for system users are at application level and are in three categories:

General User has view access to the application and cannot perform any function within the application.
Application User has all rights of the general user plus can be assigned ownership or responsibilities within the application.
Application Manager has all rights of the Application user plus complete rights of the application including role assignment/changes for users, system settings for application etc.

The following describes the above roles for each application:

General User has only view access to risk register and reports etc plus can identify risks.
Risk User has all rights of general user plus can be risk owner and responsible for analysis, assessment, actions for risk mitigation and responsibilities for controls.
Risk Manager has all the rights of risk user plus can set up system features and attributes, assign or re-assign risk owners and also re-assign risk treatment and control responsibilities etc. Import risk register and control register.

General User has only view access to asset register and can be an asset user.
Asset User has all rights of general user plus can be asset owner, can create new assets that he owns and edits assets that he owns.
Asset Manager has all rights of asset user plus can setup asset system features eg asset groups etc, can change asset owners, assign asset to asset owners etc.

General User has only view access to documents list, details and view file.
Document User has all rights of general user plus can be an author, owner, approver of documents.
Document Manager has all rights of document user plus can assign or update document authors, owners and approvers.

General User has access to create OFI and view access to all OFIs.
Problem User has all rights of general user plus can work on assigned OFIs.
Problem Manager has all rights of problem user plus can manage all OFIs, assign responsibility and accept or reject OFI created by general user or problem user.

General User has only view access to all public records.
Record User has all rights of general user plus can create records as per classification – public, confidential and restricted records and view records according to the permission of records.
Record Manager has all the rights of record user plus can manage all records and all view records.

General User has only view access to supplier lists.
Supplier User has all rights of general user plus can manage assigned suppliers.
Supplier Manager has all rights of supplier user plus can manage all suppliers.

General User has only view access of course, batch and training.
Training User has all rights of general user plus can manage assigned course, batch and training.
Training Manager has all rights of training users plus manage all courses, batch and training.