Risk Permissions and Staff Management
1. Permissions |
Risk permissions has the following formats:
Static permission structure – designated roles entailing a standard set of capabilities around the system.
Flexible permission structure – dynamic roles with the ability to define the capabilities for the roles are.
Note: Refer the article 'Administration – Role Management' in Strategy for guidance on setting up Flexible permissions.
2. Risk – Static Permissions |
Risk Management is available at a read-only access level for most users, with edit access given via specific responsibilities and/or security roles as indicated in the below table. Permissions can be accessed via Manage Users under Administration for a staff member, where a user role can be created and assigned.
Security Level | Project Risk | Operational Risk | Strategic Risk | Corporate Risk | Register Access | Risk Actions | Risk Controls | Risk Settings | Administration Settings |
|---|---|---|---|---|---|---|---|---|---|
Administrator | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | All | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Edit | View, Edit |
Risk Manager | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | All | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Edit | None |
Business Unit Manager | View All, Create and Edit (Only to assigned Business Unit) | View All, Create and Edit (Only to assigned Business Unit) | View All, Create and Edit Only Assigned Records | View All, Create and Edit Only Assigned Records | All | View, Create, Edit (Only to assigned Business Unit) | View, Create, Edit (Only to assigned Business Unit) | Read Only | None |
Director | View All, Create, Edit (Only to assigned Directorate and Business Unit) | View All, Create, Edit (Only to assigned Directorate and Business Unit) | View All, Create and Edit Only Assigned Records | View All, Create and Edit Only Assigned Records | All | View, Create, Edit (Only to assigned Directorate and Business Unit) | View, Create, Edit (Only to assigned Directorate and Business Unit) | Read Only | None |
Operational Risk Editor | View and Edit Only Assigned Records | View, Create, Edit, Delete | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Operational Only | View, Create, Edit | View, Create, Edit | Read Only | None |
Operational Risk Viewer | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Operational Only | View, Create, Edit Only Assigned Records | View, Create, Edit Only Assigned Records | Read Only | None |
Project Risk Editor | View, Create, Edit, Delete | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Project Only | View, Create, Edit | View, Create, Edit | Read Only | None |
Project Risk Viewer | View All, Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Project Only | View, Create, Edit Only Assigned Records | View, Create, Edit Only Assigned Records | Read Only | None |
Strategic Risk Editor | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View, Create, Edit, Delete | View, Create, Edit, Delete | Strategic and Corporate Only | View, Create, Edit | View, Create, Edit | Read Only | None |
Strategic Risk Viewer | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View All, Edit Only Assigned Records | View All, Edit Only Assigned Records | Strategic and Corporate Only | View, Create, Edit Only Assigned Records | View, Create, Edit Only Assigned Records | Read Only | None |
Operational User | View, Edit Only Assigned Records | View, Edit Only Assigned Records | View, Edit Only Assigned Records | View, Edit Only Assigned Records | No access | View, Edit Only Assigned Records | View, Edit Only Assigned Records | Read Only | None |
Confidential | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | All | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | Read Only | None |
Note: See article Risk Approval for more details of the approval process and permissions related to Risk Approver and Risk Preparer.
Important: When the 'Security to view risks' setting is switched ON, only the users with create and/or edit permissions for risks can view the relevant risk details. Create/edit privileges for the risk areas are based on the existing user permissions. This setting will be activated only upon request. If you wish to activate this setting, please contact our Support Team via the Riskonnect Success Portal (RSP)
Any other permissions available in this area will be explained under the respective product areas from which they are coming from. The Branch Risk Coordinator and Division Risk Coordinator permissions are obsolete and therefore will be soon removed from the system.
Operational Users can only update their own risks (project, operational, corporate, and strategic risk) if the operational user is a responsible officer for that particular risk.
Further, Operational Users can NOT view Dashboard, Dashboard/EIS/Risk Analysis in the left-hand navigation bar (for Static Hierarchy only).Action Owners can only update the risk actions which are assigned to them.
Executive Intelligence Permission will give a user access to the EIS and Analysis areas in the solution. The records displayed for each user under these areas can be found under the respective articles for these sections.
The following additional rules apply within the Risk Management area:
Risk Settings area |
|
|---|---|
Strategic Risk area |
|
Operational Risk area |
|
Project Risk area |
|
Note: The Secondary Risk Responsible Officer has the same rights as the Primary Risk Responsible Officer. However, the Secondary Risk Responsible Officer will not be allowed to modify the Primary Risk Responsible Officer, or the status of the risk assessment.
3. Risk – Flex Permissions |
Under Role Management (accessed via Risk Menu > Administration > Role Management > Add New/Edit. select the CAMMSRISK option, within the 'Product' dropdown.
Area | Permission | Description |
|---|---|---|
| Show Planning Hierarchy | Select this permission to display the planning hierarchy tab under the Executive Intelligence section and under the Links tab when adding a Hierarchy Linkage for a Risk record. Note: If you do not have this permission enabled, you will not be able to link a risk to the Planning hierarchy.  Figure 3.2 |
|
|
|
Strategic Risk | Add | Select this permission to be able to add Strategic Risk types via the left-hand navigation and via the Control Register Add New button.  Figure 3.3 |
| Delete | Select this permission to be able to delete Strategic Risk types.  Figure 3.4 |
| History | Select this permission to be able to view the History button under Strategic risks. Once the History button is clicked, you will be able to view history details in a popup window under a 'Details' tab.  Figure 3.5  Figure 3.6 |
Strategic Risk > Register | View All | Select this permission to view all Strategic Risk records regardless of its hierarchy or created user, in the Strategic Risk Register. |
| View All Not Linked to Hierarchy | Select this permission to view Strategic Risk records that are not linked to a hierarchy. |
| View Node Only | Select this permission to view Strategic Risk records that are only related to a node in the hierarchy. |
| View Node with Children | Select this permission to view Strategic Risk records that are under a node, along with its children. |
| View All Created | Select this permission to view Strategic Risk records only if you (logged in user) created it. |
| View All RO | Select this permission to view Strategic Risk records only if you (the logged in user) are the Responsible Officer. |
Strategic Risk > Details > Initial | View | Select this permission to enable the 'Initial/Inherent' tab in Strategic Risk Assessments. |
| Edit | Select this permission to be able to edit and save a Risk record in the 'Initial/Inherent' tab in Strategic Risk Assessments. |
| Edit by Risk's Secondary RO | Select this permission for a Risk record's Secondary Responsible Officer to be able to edit a Strategic Risk's Initial/Inherent Assessment tab. |
| History | Select this permission to be able to view the History button under Strategic risks. Once the History button is clicked, you will be able to view history details in a popup window under the 'Initial/Inherent Risk Assessment' tab.  Figure 3.7  Figure 3.8 |
Edit Risk Appetite Benchmark | Select this permission to enable an Edit button to edit the Risk Appetite Benchmark set for an organisation, in the Initial/Inherent Assessment tab for a Strategic Risk. |
|
Strategic Risk > Details > Current | View | Select this permission to enable the 'Current/Residual/Revised' tab in Strategic Risk Assessments. |
| Edit | Select this permission to be able to edit and save a risk record in the 'Current/Residual/Revised' tab in Strategic Risk Assessments. |
| Edit by Risk's Secondary RO | Select this permission for a Risk record's Secondary Responsible Officer to be able to edit a Strategic Risk's Current/Residual/Revised Assessment tab. |
| History | Select this permission to be able to view the History button under Strategic risks. Once the History button is clicked, you will be able to view history details in a popup window under the 'Current/Residual/Revised Risk Assessment' tab.   Figure 3.9 |
Strategic Risk > Details > Future | View | Select this permission to enable the 'Future' tab in Strategic Risk Assessments. |
| Edit | Select this permission to be able to edit and save a risk record in the 'Future' tab in Strategic Risk Assessments. |
| Edit by Risk's Secondary RO | Select this permission for a Risk record's Secondary Responsible Officer to be able to edit a Strategic Risk's Future Assessment tab. |
| History | Select this permission to be able to view the History button under Strategic risks. Once the History button is clicked, you will be able to view history details in a popup window under the 'Future Risk Assessment' tab.  Figure 3.10  Figure 3.11 |
Strategic Risk > Details > Review | View | Select this permission to enable the 'Risk Review' tab in Strategic Risk Assessments. |
| Edit | Select this permission to be able to edit and save a risk record's review details in the 'Risk Review' tab in Strategic Risk Assessments. |
| Edit Next Review Date | Select this permission to be able to edit and adjust the Next Review Date in the 'Risk Review' tab in Strategic Risk Assessments. |
| Edit by Risk's Secondary RO | Select this permission for a Risk record's Secondary Responsible Officer to be able to edit a Strategic Risk's Review tab. |
| History | Select this permission to be able to view the History button under Strategic risks. Once the History button is clicked, you will be able to view history details in a popup window under the 'Risk Review' tab.  Figure 3.12  Figure 3.13 |
Strategic Risk > Details > Document | View | Select this permission to enable the 'Documents' tab in Strategic Risk Assessments. |
| Edit | Select this permission to be able to edit and save a risk record's document attachments/links in the 'Documents' tab in Strategic Risk Assessments. |
| Edit by Risk's Secondary RO | Select this permission for a Risk record's Secondary Responsible Officer to be able to edit a Strategic Risk's Document tab. |
Strategic Risk > Details > Link | View | Select this permission to enable the 'Links' tab in Strategic Risk Assessments. |
| Edit | Select this permission to be able to edit and save a risk record's linkages to other entities in the 'Links' tab in Strategic Risk Assessments. |
| Edit by Risk's Secondary RO | Select this permission for a Risk record's Secondary Responsible Officer to be able to edit a Strategic Risk's Links tab. |
| Link Hierarchies | New hierarchies created in the Field Configuration page under Strategic Risks, will be listed one below the other here. Select these permissions to include these added hierarchies. |
Strategic Risk > Control | Add | Select this permission to display an Add New button to add controls in the Control Details Grid section for Strategic Risk records. |
| Edit | Select this permission to display an Edit button to edit Controls in the Control Details Grid section for Strategic Risk records. |
| Delete | Select this permission to display a Delete button to delete Controls in the Control Details Grid section for Strategic Risk records. |