Overview of changes to security model in version 1.11
Who is this article for?
Administrators managing user permissions.
No special access or permissions are required.
This article provides guidance regarding a change in functionality with version 1.11 of Ideagen Internal Audit and Ideagen Risk Management.
1. Previous model
In Ideagen Internal Audit and Ideagen Risk Management, many types of object (e.g. Audit, Objective, Risk) are assigned to a Location.
You can give users access to a specific record by assigning a Group to its Location. Any user within the Group will be granted access to all records in that Location.
2. Updated model
In v1.11, we will be adding similar functionality around Processes. This means that in order to see a record linked to a Process, a user must be a member of a Group that is assigned to that Process.
2.1. Impact
A user will be able to see a record only if they are in a Group that can access both the Location and Process.
Example
I am a user in a Group linked to the Location “USA”, and a Group linked to the Process “Accounts Payable”. I will have access to all the objects with “USA” (and its children) and “Accounts Payable” (and its children) as their Location AND Process.
Any record with “USA” as its Location and a Process that is not "Accounts Payable" will be hidden from me, because I do not have access to both the Location AND the Process.
If records do not have a Process set, I will still have access to them.
Location will remain a mandatory field on all these objects but Process will not be made a mandatory field. Any record without a Process will be accessible to all users that have access to that Location.
Administrators will still be able to see all records.
Assigned users and owners will still have access. The behaviour for Audit owners and users assigned to an Audit will not change; they will still have access to that Audit.
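The visibility rule described in this section, modelled as an added example (this is not Ideagen's code). It assumes access granted on a Location or Process also covers its children, as the example above states; every name other than "USA" and "Accounts Payable" is constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample data: only "USA" and "Accounts Payable" come from the article.
LOCATION_PARENT = {"USA": None, "Texas": "USA", "UK": None}
PROCESS_PARENT = {"Finance": None, "Accounts Payable": "Finance",
                  "Invoice Approval": "Accounts Payable", "Payroll": "Finance"}

@dataclass
class User:
    name: str
    locations: set = field(default_factory=set)  # Locations granted via Groups
    processes: set = field(default_factory=set)  # Processes granted via Groups
    is_admin: bool = False

@dataclass
class Record:
    title: str
    location: str                                # mandatory field
    process: Optional[str] = None                # optional field
    assigned: set = field(default_factory=set)   # owners and assigned users

def in_scope(node, granted, parent):
    """True if node, or any ancestor of it, is in the granted set."""
    while node is not None and node not in granted:
        node = parent.get(node)
    return node is not None

def can_see(user, rec):
    if user.is_admin or user.name in rec.assigned:
        return True                  # administrators, owners, assigned users
    if not in_scope(rec.location, user.locations, LOCATION_PARENT):
        return False                 # Location access is always required
    if rec.process is None:
        return True                  # no Process set: Location alone decides
    return in_scope(rec.process, user.processes, PROCESS_PARENT)

def visible(user, records):
    return [r.title for r in records if can_see(user, r)]

RECORDS = [  # constructed sample records
    Record("AP audit", "USA", "Accounts Payable"),
    Record("Invoice review", "Texas", "Invoice Approval"),
    Record("Payroll risk", "USA", "Payroll"),
    Record("General objective", "USA"),
    Record("UK AP audit", "UK", "Accounts Payable"),
    Record("Payroll audit", "USA", "Payroll", assigned={"alex"}),
]
ALEX = User("alex", {"USA"}, {"Accounts Payable"})
```

Calling `visible(ALEX, RECORDS)` hides "Payroll risk" and "UK AP audit"; a user whose Group holds the constructed top Process "Finance" sees every "USA" record regardless of Process.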
3. Preparing for the change
To prepare for the change:
- Create Groups which align with how you have set up Processes. That may mean creating Groups for different Processes.
- Assign users to those Groups.
- After the update, assign these Groups to Processes.
- If you do not need to restrict access based on Process, add that Group to the top Process in the hierarchy.
The same Groups can be used for Locations and Processes for easier maintenance.