This article contains:
|
1. Overview |
Info |
---|
Note: This section is available only in the flexible hierarchy framework. |
2. Creating User Roles and Assigning to Staff |
2.1 Creating a User Role
STEP 1: Click on the new menu item
...
Role Management, included under the ‘Administration’ area within Camms.Strategy. This can be accessed by clicking on the Strategy Navigation Menu.
...
STEP 2: Click on the
...
New button located above the existing list of user roles to create a new user role.
...
STEP 3: The following fields will load once the
...
New button is clicked.
a. Name – Name of the user role.
b. Product – Displays a list of products within the CAMMS suite activated for the particular client. Select a product.
c. Permission – Displays all the available areas and a list of permissions applicable to those areas based on the selected product.
i. For example, if ‘CAMMSRISK’ is selected as the product, the areas related to ‘Risk’ will load along with the permission applicable to each area.
...
STEP 4: Click on the
...
expand icon placed in front of each area to expand the areas/ permissions.
Users must have both the 'Edit' and 'Link' permissions for editing, and to add/edit the hierarchy linkages.
If the user has the 'Edit' permission, but doesn’t have the 'Link' permission, he/she cannot add/edit hierarchy Linkages.
STEP 5: Tick the relevant permission under each area required for the role as shown in the below figure
...
and click on the
...
Save button to save the user role. User will be saved according to alphabetical order.
...
...
Operational Risk
...
Add
...
Select this option to be able to add Operational Risk types.
...
Delete
...
Select this option to be able to delete Operational Risk types.
...
History
...
Select this option to be able to view the History button in an operational risk type, to view history details in a separate window.
...
Register
...
View All
View All Not Linked to Hierarchy
View Node Only
View Node With Children
View All Created
View All Responsible Officer
...
Details
...
Initial/Current/Future
View
Edit
Edit by Risk's Secondary RO
History
Edit Risk Appetite Benchmark
Review
View
Edit
Edit Next Review Date
Edit by Risk's Secondary RO
History
Document
View
Edit
Edit by Risk's Secondary RO
Link
View
Edit
Edit by Risk's Secondary RO
Link Hierarchies
...
Control
...
Add
Edit
Delete
History
View All RO
...
Risk Solution
...
View
Add
Edit
Edit by Risk's Secondary RO
Edit (Start Date)
Edit (End Date)
Delete
Link
View All RO
...
Show Risks Prior To The Approved Stage
...
Project Risk
...
Add
...
Select this option to be able to add Project Risk types.
...
Delete
...
Select this option to be able to delete Project Risk types.
...
History
...
Select this option to be able to view the History button in a project risk type, to view history details in a separate window.
...
Register
...
View All
View All Not Linked to Hierarchy
View Node Only
View Node With Children
View All Created
View All Responsible Officer
...
Details
...
Initial/Current/Future
View
Edit
Edit by Risk's Secondary RO
History
Edit Risk Appetite Benchmark
Review
View
Edit
Edit by Risk's Secondary RO
Edit Next Review Date
History
Document
View
Edit
Edit by Risk's Secondary RO
Link
View
Edit
Edit by Risk's Secondary RO
Link Hierarchies
...
Control
...
Add
Edit
Edit by Risk's Secondary RO
Delete
History
View All RO
...
Risk Solution
...
View
Add
Edit
Edit by Risk's Secondary RO
Edit (Start Date)
Edit (End Date)
Delete
Link
View All RO
...
Show Risks Prior To The Approved Stage
...
Project
...
Register
View All
View All Not Linked to Hierarchy
View Node Only
View Node With Children
View All Created
View All Responsible Officer
...
Corporate/ Business Risk
...
Add
...
Select this option to be able to add Corporate/Business Risk types.
...
Delete
...
Select this option to be able to delete Corporate/Business Risk types.
...
History
...
Select this option to be able to view the History button in a corporate/business risk type, to view history details in a separate window.
...
Register
...
View All
View All Not Linked to Hierarchy
View Node Only
View Node With Children
View All Created
View All Responsible Officer
...
Details
...
Initial/Current/Future
View
Edit
Edit by Risk's Secondary RO
History
Edit Risk Appetite Benchmark
Review
View
Edit
Edit by Risk's Secondary RO
Edit Next Review Date
History
Document
View
Edit
Edit by Risk's Secondary RO
Link
View
Edit
Edit by Risk's Secondary RO
Link Hierarchies
...
Control
...
Add
Edit
Edit by Risk's Secondary RO
Delete
History
View All RO
...
Risk Solution
...
View
Add
Edit
Edit by Risk's Secondary RO
Edit (Start Date)
Edit (End Date)
Delete
Link
View All RO
...
Show Risks Prior To The Approved Stage
...
Workspace
...
My Quick Update
...
Risk Register
...
Executive Intelligence
...
Risk Analysis
...
My Settings
...
Dashboard
...
Framework
...
Risk Settings
...
View
Edit
...
Quick Search
...
Quick Risk Action Search
...
Administration
...
Client Details
...
View
Edit
...
Hierarchy
...
Show Parents in Hierarchy
Hierarchy Configuration
View
Tabs > Hierarchy
View
Add
Edit
Delete
Tabs > Hierarchy Level
View
Add
Edit
Delete
Hierarchy
View
Add
Edit
Delete
Hierarchy Navigation Pad
...
Staff
...
View
Add
Edit
Delete
...
Users
...
User List
Manage Users
View
Add
Edit
Delete
Staff Grouping
...
Role Management
...
View
Add
Edit
Delete
...
Actions
...
View
View All
View All Not Linked to Hierarchy
View Node Only
View Node With Children
View All Created
View All Responsible Officer
Add
Delete
History
Tabs
Details > View
Details > Edit
Progress > View
Progress > Edit
...
Projects
...
View
Add
Edit
Delete
...
Key Risk Indicators
...
View
Add
Edit
Delete
...
Risk Administration
...
View
Add
Edit
Delete
Email Rules > Show as Email Recipient
...
System Settings
...
View
Edit
...
Configuration
...
View
Edit
...
Risk Management
...
Strategic Risk Register
...
Operational Risk Register
...
Project Risk Register
...
Corporate Risk Register
...
Risk History
...
Risk Control Register
...
Reports
...
Risk Reports
...
Report Uploader
...
Risk Approver
...
Risk Preparer
...
Risk Confidential
Info |
---|
...
Product: CAMMSRISK
...
Permission
...
Description
...
Show Planning Hierarchy
...
Select this option to display the planning hierarchy tab under the Executive Intelligence section and under the Links tab when adding a Hierarchy Linkage for a Risk record.
Info |
---|
Note: If you do not have this permission enabled, you will not be able to link a risk to the Planning hierarchy. |
...
Strategic Risk
...
Add
...
Select this option to be able to add Strategic Risk types.
...
Delete
...
Select this option to be able to delete Strategic Risk types.
...
History
...
Select this option to be able to view the History button in a strategic risk type. Once the History button is clicked, you will be able to view history details in an Audit separate window.
...
Register
...
View All – Select this option to be able to view every single strategic risk record regardless of its hierarchy or person created, in the Strategic Risk Register.
View All Not Linked to Hierarchy – Select this option to be able to view strategic risk records that are not linked to a hierarchy.
View Node Only – Select this option to be able to view strategic risk records that are only related to a node in the hierarchy.
View Node With Children – Select this option to be able to view strategic risk records that are under a node, along with its children.
View All Created – Select this option to be able to view strategic risk records only if you created it.
View All Responsible Officer – Select this option to be able to view strategic risk records only if you are the responsible officer.
...
Details
...
Initial/Current/Future
View
Edit
Edit by Risk's Secondary RO
History
Edit Risk Appetite Benchmark
Review
View
Edit
Edit Next Review Date
Edit by Risk's Secondary RO
History
Document
View
Edit
Edit by Risk's Secondary RO
Link
View
Edit
Edit by Risk's Secondary RO
Link Hierarchies
...
Control
...
Add
Edit
Edit by Risk's Secondary RO
Delete
History
View All RO
...
Risk Solution
...
View
Add
Edit
Edit by Risk's Secondary RO
Edit (Start Date)
Edit (End Date)
Delete
Link
View All RO
...
Show Risks Prior To The Approved Stage
Note: See articles named Permissions and Staff Management of the respective Camms Products for a detailed description of each permission under its products.
|
2.2 Assigning User Roles to Staff
STEP 1: Navigate to the ‘Staff’ page (Framework > Staff).
STEP 2: Create a new staff member by clicking on the
...
New button and fill in the details.
...
STEP 3: Once the staff is saved, the ‘Assign Role’ tab will appear next to the ‘Details’ tab.
...
STEP 4: Click on the
...
Add New button within the ‘Assign Role’ tab to assign a user role to a staff.
...
STEP 5: The following screen will load once the user clicks on the
...
Add New button.
...
In order to assign a role, the user has to fill in the following fields as in the below figure.
‘Hierarchy’ dropdown – Displays all the available hierarchies in the system. Select a hierarchy from the dropdown.
‘Hierarchy Level’ dropdown – Displays the hierarchy levels based on the selected hierarchy. Select a hierarchy level.
‘Hierarchy Node’ dropdown – Displays a list of hierarchy nodes based on the selected hierarchy level. Select a node from the dropdown.
The area after the ‘Hierarchy Node’ dropdown will filter and display the hierarchy tree according to the selected hierarchy, level and node.
In order to expand the hierarchy tree, click on the
...
expand icon placed in front of each node or double click on the relevant node to expand the levels below.
‘Product’ dropdown – Displays a list of products within the CAMMS suite activated for the particular client. Select a product.
‘Group/ Roles’ area – This area will generate a list of roles based on the selected product. Select a user role.
Click on the
...
Save button to assign the role to the staff member.
...
STEP 6: The roles assigned to the user will be displayed as follows.
Hierarchy Name – Displays the selected hierarchy.
Hierarchy Nodes – Displays the nodes to which the role is assigned to. The user may have multiple nodes assigned.
If the user has multiple roles assigned to him, each node will be displayed as a new row.
Roles – Displays a list of roles assigned to the staff.
...
STEP 7: Click on the
...
Edit button to update the user roles.
Clicking on
...
Edit will display tick boxes in front of each role of the selected node. The user can untick irrelevant roles and update the roles assigned to the particular user.
...
STEP 8: Click on the
...
Delete button to delete a role assigned to the user.
2.3 Assigning Multiple Product Permissions to User Roles
A user can select multiple products from the ‘Product’ dropdown and assign permission to the same user role. The staff assigned to this particular user role will have access to multiple products based on the given permission.
For an example, ‘Risk Manager’ role has been given permission under the product ‘CAMMSRISK’ as shown in the below figure.
...
Once this user role is saved, change the product using the ‘Product’ dropdown. The product has been changed to ‘CAMMSSTRATEGY’ as shown in the below figure.
...
Since ‘Risk Manager’ role has been assigned permission under both ‘Risk’ and ‘Strategy’ products, the staff assigned to the ‘Risk Manager’ role will have access to both ‘Risk’ and ‘Strategy’ areas based on the permission.
2.4 Replication of User Roles
STEP 1: Navigate to the ‘Role Management’ page and create a user role.
STEP 2: The
...
Replicate button will appear once the user role is saved.
Click on the
...
Replicate button to create a copy of the user role.
...
b. The duplicated user role will be renamed as ‘Copy of [User Role name]’ by default.
c. For an example, the duplicated user role of ‘Risk Manager’ will be renamed as ‘Copy of Risk Manager’ as shown in the below figure.
d. The user role will get arranged according to the alphabetical order by default.
...
3. SYCLE Mode – Flexible Hierarchy Menu Items |
If the SYCLE mode has been enabled for a client, the flexible hierarchy menu items will be displayed as shown in the below figure.
‘Role Management’ page – ‘Framework’ area.
Once clicked, the page will open in a new tab.
For creation of user roles, view section 'Creating a User Role'.
SYCLE will be displayed under the ‘Product’ dropdown within the ‘Role Management’ page as shown in the below figure.
c. ‘Staff’ page – ‘Framework’ area.
i. Once clicked, the page will open in a new tab.
ii. To assign user roles to staff, view section 'Assigning User Roles to Staff'.
4. Risk Standalone Mode – Flexible Hierarchy Menu Items |
If risk standalone mode has been enabled for a client, the mega menu will be visible as shown in the below figure.
The ‘Role Management’ page and ‘Staff’ page will be displayed within the ‘Administration’ area.
Role Management’ page and ‘Staff’ page will open in a new tab when clicked.
For creation of user roles, view section 'Creating a User Role'.
To assign user roles to staff, view section 'Assigning User Roles to Staff'.
5. Hierarchy Filters |
The following three filters have been added as filter options.
‘Hierarchy’ – Loads all available hierarchies created.
‘Hierarchy Level’ – Loads all hierarchy levels based on the selected hierarchy and permission.
‘Hierarchy Node’ – Loads all nodes relevant to the selected hierarchy level and will be based on the permission applied.
Info |
---|
Important: The filtration will be based on the links within the ‘Organisational Links’ column and will only allow filtration based on the nodes that a risk is linked to. (i.e. filtrations will not role up). |
If all filters are blank, all risks relevant to the user’s permissions will be shown.
The above filters have been added within the following areas.
Camms.Risk – Filters have been added within all Risk Registers.
Strategic Risk Register
Operational Risk Register
Project Risk Register
Corporate Risk Register
Risk Control Register
Camms.Risk Audit – Filters have been added within the following areas.
Audit
Findings
Recommendation
6. Functionality of Hierarchy Trees within EIS and Analysis Areas |
‘EIS’ will load based on the permission assigned to a user. The hierarchy tree will be filtered accordingly.
For an example, if the user is linked to the ‘Chief Executive Officer’ node and the user has been given the ‘View Node with children’ permission, the hierarchy tree will show the ‘Chief Executive Officer’ node and its child nodes.
Actions, KPIs, Budget, Scorecards and Risks will load accordingly.
The level and node the user is linked to will be displayed in the following manner.
The ‘Risk Analysis’ will load based on the permissions assigned to a user.
The hierarchy tree will be filtered according to the hierarchy level and node the user is linked to.
‘Risk Analysis’ will display only the risks assigned to the user under the linked node.
7. Hierarchy Linkages |
7.1 Link to the Organisation Hierarchy
...
Add/ Edit
...
Links button has been added within the following areas in order to link risks/ audits to the flexible org hierarchy.
Risk Registers
Strategic Risk Register – Initial Risk Assessment
Operational Risk Register – Initial Risk Assessment
Project Risk Register – Initial Risk Assessment
Risk Control Register
Risk Solutions tab
Risk Control tab
Audit Register
Audit – Audit Details tab
Recommendation – Recommendation Details tab
The following shows an example of how ‘Risk Solutions’ are linked to the flexible org hierarchy. The same logic applies to all other areas mentioned above in the same manner.
Navigate to the ‘Risk Solutions’ tab and click on the
...
Add/ Edit
...
Links button.
Clicking on the Add/ Edit
...
Links button will open a pop-up that loads the custom/ flexible org hierarchy, expanded to the first level by default.
The user can expand the tree by clicking on the
...
expand icon placed in front of each node or by double-clicking on the node.
The visibility of the nodes and the ability to link risks to a particular node will depend on the permission given to the user.
Click on the
...
Save button to save the selected nodes. The selected hierarchy, level and node will be displayed in the manner of a breadcrumb. f. The selected node will be displayed in bold as shown in the below two figures.
7.2 Linking Risks to the Custom Organisation Hierarchy using Links tab
The hierarchy tree will be filtered according to the permissions given to a user within all risk registers.
STEP 1: Click on the
...
New button within the ‘Links’ tab to link a risk to a hierarchy.
STEP 2: Select ‘Hierarchy’ from the ‘Create a New Linkage’ dropdown.
STEP 3: Select a hierarchy type from the ‘Hierarchy Type’ dropdown.
STEP 4: Once the hierarchy type is selected, the hierarchy tree will be filtered according to the permission given to the user.
For example, if the user has been given the ‘View Node Only’ permission, the hierarchy tree will show the user’s linked node as well as its parent nodes.
STEP 5: Click the
...
Link button to link the risk to the hierarchy.
7.3 Display of Linked Organisation Levels/Nodes – Organisation Link column
The ‘Organisational Links’ column displays the organisation level to which a particular risk is linked to.
This column has been added within the following areas:
Risk Register
Operational Risk Register
Corporate Risk Register
Audit Register
‘Audit’ tab
7.4 Linking Actions to the Hierarchy
A user will be able to link an action to the custom/ flexible org hierarchy based on the permission assigned to a user.
The user’s linked node will be displayed on the top left corner as shown in the below figure when he/she initially navigates to the ‘Action’ page.
Click on the
...
hierarchy icon to view actions linked to other nodes.
When the
...
hierarchy icon is clicked, a pop up displaying the hierarchy tree will appear. The hierarchy tree will display based on the permissions given to the user. The following shows a scenario where ‘View Node with Children’ has been given to a user.
The user’s ability to view, add, edit and delete actions will depend on the permissions assigned to the user through the ‘Role Management’ page. a. For example:
If the user has been given ‘View All’ permission, he/ she will be able to view all actions and will be able to add/ edit based on the permission assigned to him.
If the user has been given ‘View Node only’ permission, he/she will be able to view actions that are linked to his node.
The hierarchy tree within the ‘Links’ tab will be displayed according to the permission given to the user
Info |
---|
Note: The staff member will only be able to create actions if he/she is linked to the organisational hierarchy. |
8. Enhanced Security Permissions |
The list of permissions below have been added within the ‘Role Management’ page in order to restrict a user’s ability to view, add, edit and delete components within certain areas of a product.
8.1 Camms.Strategy
The following permissions have been added under the ‘Actions’ and ‘KPI’ areas within Camms.Strategy.
For example, the grid below has been prepared taking only ‘Actions’ into account. This logic applies to KPIs in the same manner.
Actions | |||
---|---|---|---|
Add | Allows the user to only add actions. | ||
Delete | Allows the user to only delete actions. | ||
View All | Allows the user to view all actions within the application. | ||
View All Not Linked to Hierarchy | Allows the user to view all actions not linked to any node of the hierarchy. If you wish to link such an action to the hierarchy, either one of the permissions; view all, view node only or view node with children, should be assigned in addition to the ‘View All Not Linked to Hierarchy’ permission. | ||
View Node Only | Allows the user to only view all actions assigned to the node that the user is linked to. | ||
View Node With Children | Allows the user to only view all actions assigned to the node and the children of the node that the action is linked to.
| ||
View All Responsible Officer | Allows the user to view all actions to which he is assigned to as a ‘Responsible Officer’. |
8.2 Camms.Risk
The following table shows a list of permissions added within all four risk registers.
For example, the grid below has been prepared taking only ‘Strategic Risks’ into account. This logic applies to other types of risks in the same manner.
Strategic Risk | |||
---|---|---|---|
Add | Allows the user to only add strategic risks to the Strategic Risk Register. | ||
Delete | Allows the user to only delete strategic risks in the Strategic Risk Register. | ||
Strategic Risk Register | |||
View All | Allows the user to view all strategic risks within the application. Allows the user to link strategic risks to all levels/ nodes of the hierarchy. | ||
View All Not Linked to Hierarchy | Allows the user to view all strategic risks not linked to any node of the hierarchy. If you wish to link such a risk to the hierarchy, either one of the permissions; view all, view node only or view node with children, should be assigned in addition to the ‘View All Not Linked to Hierarchy’ permission. | ||
View Node Only | Allows the user to only view all strategic risks assigned to the node that the user is linked to. | ||
View Node With Children | Allows the user to only view all strategic risks assigned to the node and the children of the node that the risk is linked to.
| ||
View All Created | Allows the user to view all strategic risks created. | ||
View All Responsible Officer | Allows the user to view all strategic risks to which he is assigned to as a ‘Responsible Officer’. | ||
Control | |||
Add | Allows the user to add controls to a strategic risk. | ||
Delete | Allows the user to delete controls within a strategic risk. | ||
View All Responsible Officer | Allows the user to view all risk controls to which he is assigned to as a ‘Responsible Officer’ (Control Owner). |
8.3 Camms.Risk Audit
The following table shows a list of permissions added within the audit registers.
For example, the grid below has been prepared by taking only ‘Audits’ into account. This logic applies to ‘Findings’ and ‘Recommendations’ in the same manner.
Audit Register | |
---|---|
View All | Allows the user to view all audits within the ‘Audit Register’. |
View All Responsible Officer | Allows the user to view all audits to which he is assigned to as a ‘Responsible Officer’. |
8.4 Camms.Risk Incident
The following table shows a list of permissions added within the Incident registers.
Info |
---|
Note: Permission for all incident registers will be assigned through the following. |
Incident Register | |||
---|---|---|---|
View All | Allows the user to view all incidents. | ||
View All Not Linked to Hierarchy | Allows the user to view all incidents not linked to any node of the hierarchy. If you wish to link such an incident to the hierarchy, either one of the permissions; view all, view node only or view node with children, should be assigned in addition to the ‘View All Not Linked to Hierarchy’ permission. | ||
View Node Only | Allows the user to only view all incidents assigned to the node that the user is linked to. Allows the user to link incidents to the node that the user is linked to. | ||
View Node With Children | Allows the user to only view all incidents assigned to the node and the children of the node that the incidents are linked to. Allows the user to link incidents to the node and the children of the node that the incident is linked to.
| ||
View All Created | Allows the user to view all incidents created. | ||
View All Responsible Officer | Allows the user to view all incidents to which he is assigned to as a ‘Responsible Officer’. |
...