Governance Management Roles
EmpowerID restricts access to compliance policy operations through the use of Management Roles. To work with compliance policies, users must be assigned to the appropriate roles. Management Roles are prefixed by their function in EmpowerID and include the following:
UI – Management Roles prefixed with UI grant users access to specific UI elements in the EmpowerID Web interface. An example of this type of role for compliance is UI-Audit-Full-Access. This role grants users full access to the audit workflows and user interfaces needed to allow a user to review their audit tasks and those of others.
VIS – Management Roles prefixed with VIS grant users the ability to see specific objects in EmpowerID. An example of this type of role for compliance is VIS-Audit-All. This role grants users visibility for all audits
ACT – Management Roles prefixed with ACT grant users the ability to manage specific objects in EmpowerID. An example of this type of role for compliance is ACT-Audit-Object-Administration-All. This role grants users access to create, edit, and delete all audits.
Role bundle needed to manage Recertification policies
To manage Recertification policies, users need the following Management Role
Management Role | Access Granted by Management Role | Role Type |
---|---|---|
Recertification Administrator | Grants users access to create and manage recertification campaigns and risk policies. | Role Bundle |
Individual Management Roles included in Role Bundle | ||
Management Role | Access Granted by Management Role | Role Type |
ACT-Audit-Object-Administration-All | Grants users access to create, edit, and delete all audits. | Activity |
UI-Audit-Full-Access | Grants users full access to the audit workflows and user interfaces to allow a user to review their audit tasks and those of others. | Feature Set |
UI-Audit-Logging | Grants users access to various audit-related reports and logs. | Feature Set |
VIS-Audit-All | Grants users visibility for all audits | Visibility |
VIS-Location-All | Grants users visibility for all locations | Visibility |
VIS-Person-All | Grants users visibility for all people | Visibility |
VIS-SetGroup-All | Grants users visibility for all Query-Based Collections | Visibility |