Defining Process Model Security
Process Designers can configure each process model to respect security settings. These security settings propagate to the projects based on the model. However, you can configure other security settings for individual projects, deliverables, and users via access groups, individual project security, and conditions.
To define the security in a process model:
- From the System menu, select Process > All Models, and select the model to edit.
- Click the Security tab to display the configuration options.
- Define the security with the following settings:
| Field | Description |
|---|---|
|
Enforce project security |
Select this check box to ensure that only users with security access defined through access groups, security lists, or security profiles can be added to a project. This applies to all user types that can be added to a project. Important! If you enable this option, existing projects using this model that contain users assigned outside their security access are not automatically removed from the project. Project Managers, Process Managers and Idea Managers with Manage Process rights can override this setting as necessary at the project level after a project is created. Enforcing project security at the project level automatically removes users from the project. |
|
Access Group Metric |
To automate a project's access group assignment, select a metric that updates the access group based on the metric's value. Selecting a metric to set the access group updates the security granted to a project when the project meets a certain condition, such as a specific stage of development. Ensure that the selected metric's formula does not include the access group, or a metric that includes the access. If a metric is used to assign the access group, the access group cannot be manually updated in the project. |
|
Default Project Access Group |
Select the default access group to assign to a project at project creation. Process Managers can update the selection as necessary when creating projects. If you are also using restricted access groups, ensure the default group you select is also part of the restricted list. |
|
Restrict Projects To These Access Groups |
To restrict which access groups projects that use the model can exist in, select one or more access groups from the list. If no restrictions are selected, projects that use this model can be created or moved to any access group a Process Manager or Idea Manager has access to select. Setting restrictions at the model level helps to ensure that portfolios and other projects are created in the correct access group location. |
|
Configuration Access Groups |
Select the access group(s) to which the process model belongs. The access group(s) displayed are based on the current user's access group permissions, and the process model defaults to the highest level access group listed. Note that the process model is only added to access groups that are checked. It does not propagate to child access groups unless those child groups are checked. |
- Click Apply to save your changes.
|
Notes:
|