In our last blog post, we explored the various ways that security is maintained in policyIQ – how you limit or give access to users to see, edit, or administer the various items in the application. When expanding to encompass a new division or a new department, understanding that security can help to ensure that your users continue to retain their rights to only the appropriate information.
There are some best practices to keep in mind when bringing a new area into policyIQ.Your goal will be to allow your existing users to retain all of their current capabilities, while at the same time adding new users with the necessary permissions in their area.
Don’t worry, we have a checklist for you.
We have outlined some steps below that will help you get from where you are to where you want to be. Not only are these the recommended actions, this is also the recommended order to avoid a lot of back and forth between the different areas of the Setup Module.(The steps below will typically be performed by a user with a Site Administrator, a Role which gives the user the ability to view and administer all elements of policyIQ.)
1.) Make a Plan
You probably get sick of hearing us recommend starting with a plan, but unfortunately for you, we’re not going to stop saying it.
2.) Add New Groups
Determine what new Groups you will need to accommodate the additional users.Do you already have a structure for Departments?Do you need to add something under Locations?Is this a project team that should have its very own top level group? Add any needed new Groups to accommodate any the new users who will be added.
3.) Restrict existing content
Is your content currently visible to the top level Groups in your site (and therefore visible to all users)? Will this continue to be appropriate if you add new users? Run reports of your content (adding in the Viewers property as a column in your results) to evaluate the current restrictions.If content should be restricted, simply highlight all Pages that require those restrictions and use the toolbar to Edit Change Viewers.
Note – it’s not always about making sure content is restricted. Sometimes you need to make sure that content is available to the new users.If you added a new Group at the very top level of your Group structure, those users are not able to see any content by default. You may need to add in the new Groups as viewers on the essential content.
5.) Add New Users
Once your Groups are in place, it is time to add the new users. Consider which Roles the new users should have. (Refer to our blog post on Security for more information on Roles.)
Should any of the new users be added as Site Administrators? Site Administrators have the ability to view and administer all content and structural elements of policyIQ. There is a careful balance between having enough Site Administrators to create redundancy and efficiency – and creating a “too-many-cooks-in the-kitchen” scenario. Remember that you are able to establish users as Administrators of specific Folders, Templates, Groups and Content. With these more specific local rights, you can allow an individual to Administer his/her department, while not providing access to all of your policyIQ site.
6.) Add new Folders and Templates
The new area will need Folders in which to organize their content, and may even need new content Templates to use as a basis for their documentation. If you have not established Site Administrators within the new set of users, you will want to create the Templates and top level Folders to get them started. Be sure you add the appropriate new group members as administrators of Folders, Templates, and (potentially) Groups to empower them to maintain their new area. This will allow them to make the initial configuration decisions as well as the ability to maintain the structure going forward.
7.) Don’t forget training�
Of course training on how to utilize policyIQ, but also training on your organization’s standards on how often to update their content, approval chains, formatting and more.
Feel free to contact your policyIQ Account Manager or our support team with any additional questions you may have during this process.