|
|
Control Compliance Suite supports a combination of roles and permissions-based access control. When the users log on, they see only a filtered application that is based on their role. The role defines the access privileges for the views and tasks. The permissions that the user has on the objects in the CCS directory determine the tasks that the user can perform on an object.
Access control in Control Compliance Suite works in the following order:
Related and relevant tasks are collected to define a role. Role and task association is predefined and cannot be modified.
Roles are assigned to users or groups who access the application.
Users are then assigned the permissions to objects to perform certain tasks. Only users with permissions can perform certain tasks on the objects.
Control Compliance Suite provides the interface to assign the predefined roles and permissions to the Control Compliance Suite users. If a user's role assignment is modified, the user must quit and then restart the Control Compliance Suite console. When the console restarts, the user can see the new views and tasks that are associated with the role.
CCS also provides the facility to create custom roles if the predefined roles do not fit the needs of your organization.
See About custom roles.