Within the MyCompliance Platform, there are a range of different roles and permissions that can be assigned to users. The flexibility in roles and permissions enables you to refine access for user groups or individual users.
- Administrator: Full control of the platform, with access to all functionality. (Limitations apply within the Privacy module where an Admin is not a record owner.)
- User Management Admin: User Management Admins can have access to User Management, Campaigns/Content Creation, Tools & Reporting. They can assign the Business User role to Basic users and assign relevant platform and user access. The option to make a user an Admin during single-user upload is not available for this role. Licence count is not visible for this role.
- Business User: Has Restricted/Customised permissions and generally has less permissions than an Admin. Business Users can be locked down to manage assigned User Groups and Categories within the platform.
- Data Protection Officer: Full control of the site, and access to all functionalities. (Only available when Privacy module is enabled.)
- Data Champion: This person has access to all Privacy Registers; however, they are displayed with a restricted view, i.e. only showing the register records that Data Champions own. Data Champions also have access to Campaigns, the creation of policy, learning, survey & phish content, along with Content Adoption Reports and the Privacy Overview/Privacy Reporting. (Only available when Privacy Module is enabled.)
- User: General end user with access to assigned Policies and Training; can also be targeted with Phishing Simulations.
User Roles can be updated by navigating to Profile>Admin View>User Management>Permissions. There is an extensive range of user configuration options available within this area. Depending on your User set-up, (SCIM, AD Sync, Federated or Email-based), this area may appear differently.
- Edit User Roles
To update the role for an end user, enter the user's email address into the search field, and click Search. Confirm that the required user has been selected, and click Select Role. Depending on the required update, select the preferred role you wish to assign to the selected user.
The selected role will be available to the assigned user during their next logon.
Business User: When assigning a Business User role to a user, you must then assign the relevant Target Permissions. Target Permissions are used to provide access or ownership to Categories and Users within the platform. (Select Target Permissions tab to assign.)
- Target Permissions
An Administrator can refine the permissions assigned to a Business User. A Business User can be assigned Categories, Collectives (AD Sync), SCIM Groups or User Groups (Email-based/Federated Users). Once assigned, the Business User can create/assign content to their assigned User Groups/Collectives/Categories, and view reporting data that is targeted solely to their assigned User Groups/Collectives/Categories.
Alternatively, if the Business User requires the ability to target content to the entire Organisation, you can provide this access by selecting the Access Target Tree checkbox.
Ensure to click Save Permissions after any changes.
Further Information on Business User Access and Permissions
- If a Business User has been assigned only 1 User Group, the user can be assigned the User Permission which will enable the Business User to manage and control membership of the User Group.
- To assign this permission, navigate to Profile>Admin View>User Management>Permissions>User Permissions>Select Role (Business User)> Select User (Username)> tick User>click Save Permissions.
- If a Business User has been assigned 2 or more User Groups, they are unable to manage or control the membership of these groups. They can, however, continue to target content to these groups and view the corresponding reporting.
- In this scenario, an Administrator or User Management Admin can control the membership of the User Groups on behalf of the Business User.
- Business Users can:
- view basic users within their assigned group;
- complete a single or bulk upload of email users in their group; (Department field of the upload is prepopulated with their group name)
- create Subgroups if their assigned group is not populated with email users. They can also add email users to these subgroups via 'Bulk Upload' functionality. The group name must be populated on the upload list for users to be added to the relevant subgroup.
- Business Users cannot:
- view the Platform Licence Count;
- upload Admin users;
- replace email users via a bulk user list upload; (Users must be removed individually using the ‘Disable User’ function)
- view Campaign content unless this has been created by the Business User.
- If a Business User disables an email user, the user will no longer be targeted with content, and they will be removed from their group. At this point, the Business User will lose access to that user.
- If you need to delete a Business User who has a group assigned to them, you will first need to reassign access to another Business User.
- Group Permissions
The Group Permissions section allows Administrators to provide Business Users, User Management Admins and Data Champions with enhanced or reduced functionality. The permissions reflect the administrative features that Group of users will have access to on the navigation panel.
Select the required User Role from the 'Select Role' drop-down, and tick the relevant permissions that should be assigned to this User Role. Once the relevant permissions have been applied, select Save Permissions. Note that this will update the permissions for all users that have been assigned this role.
To change permissions on a user level, as opposed to a User Role level, navigate to User Permissions.
- User Permissions
If users have been assigned the Business User, User Management Admin or Data Champion roles, Administrators can edit individual permissions for this user. This option is beneficial, as it can provide unique access to each user role.
Select the required role from the 'Select Role' drop-down, locate the required user, and update the permissions as required. Once the relevant permissions have been applied, select Save Permissions.
To restore a user to default, locate the user, and select Restore Defaults.