Many questions that come into our policyIQ support team boil down to questions about the security permissions and settings in policyIQ. In this 3 part series, we’re going to explore what makes up policyIQ application security – and help you to better understand and take advantage of all that policyIQ has to offer.
Let’s start with the basics – Did you know that there are three levels of Account Types?
Every user in policyIQ has one of only three Account Types:
- Read-Only – as the name implies, this type of user account has no edit or contribution access. Read-Only users do not have a custom Dashboard, either, but rather can log in to search for or read any content that has been made available to them.
- Standard – this user account type can respond to electronic forms, utilize the Advanced Search for simple reporting and has a customized Dashboard for alerts and notifications. Standard users cannot, however, be assigned to edit pages of content, approve content or otherwise administer anything in the application.
- Advanced – this user account type encompasses all other types of users, from the process owner who updates her narratives and controls on a quarterly basis, to the policy manager who keeps all corporate policies updated, to the site administrator who keeps the entire policyIQ site running smoothly. Advanced users, therefore, must be further broken down into security Roles.
Now let’s move on to Roles.
Only the Advanced users will be assigned a security Role. A Role is a collection of permissions that override any local security permissions granted. For example, an Advanced user account must have a permission of “Add Content” in order to create new content, even if he/she is noted as a Creator on a content Template.
Until policyIQ version 7.2, we provided some Roles in the application, but allowed you to edit any of those to meet your needs. Those Roles were:
- Reports User
- Project Manager
- Location Administrator
- Site Administrator
We found that by allowing your Site Administrators to edit those Roles, we made it harder on ourselves to support clients. If your organization had made a change to the Manager Role, for example, it was difficult for our support team to recognize the change and answer your questions accurately about your specific capabilities in the tool. So in version 7.2, we’ve locked down those six Roles listed above. You CAN, however, still create your own unique Roles by creating a copy and making adjustments. We’ll be able to easily see that your users have a unique, custom defined Role, and we can follow the permissions to answer questions.
In Part 2 of this series, we’ll take a closer look at those now-static Roles, and provide recommendations for the types of users who might be assigned to each. If you have any questions about policyIQ security, Account Types or Roles, let us know. We’re happy to help!