Search Tips
Compliance security groups allow user access to be granted to specific compliance codes. A compliance security group is created and then users are assigned to these groups. Once defined, compliance codes can then be assigned to these groups. Through implementation of compliance security, only designated users can modify details or compliance of those compliance codes to which they have access.
Compliance security groups are not in effect if no compliance group is set up. Therefore, it must be decided whether to use this function or to allow all users to modify compliance.
Create Compliance Security Groups
Pgm: INSGROUP – Compliance Groups; standard Treeview path: System > Security > Compliance Security > Create Security Groups
Compliance security groups are groupings of access rights to the compliance codes within the system. Users accessing the compliance information must belong to a compliance security group if one has been set up in the database. The system will validate that a user has access to that compliance code prior to allowing access to modify details or the setting of the compliant value. New compliance codes are NOT automatically assigned to any compliance security group until manually added.
After accessing the screen, enter a security group code and name.
The [Users] button will open a window that shows all users that are currently assigned to the security group, the [Roles] button will open a window that shows all roles assigned to the security group, while the [Compliance] button opens a window that shows the compliance codes that have been assigned to this security group.
Assign Users to Compliance Security Groups
Pgm: INSGRUSR –Users By Compliance Group; standard Treeview path: System > Security > Compliance Security > Assign Users to Security Groups
Once the compliance security groups are defined, either users or roles need to be assigned to the groups. A user must be assigned to at least one security group in order to have access to modify compliance code data within the system. Users may belong to more than one group.
Enter the security group in the first section then move to the Users section of the screen. Users can be added or removed as required. There is an LOV on both the User Name and Group fields.
Assign Compliance Codes to Compliance Security Groups
Pgm: INSGRINS –Compliance Codes By Compliance Groups; standard Treeview path: System > Security > Compliance Security > Assign Compliance to Security Groups
Once users have been assigned to security groups, it is time to grant access to the compliance codes defined in the system by assigning them to security groups. It is important to note that a compliance code can be assigned to more than one security group.
Enter the compliance group code. In the Compliances section of the screen, the system will automatically display all compliance codes that have been assigned to this security group. To add a compliance code to this security group, click on [Insert] in the Block Toolbar to add a new line and enter the code for the compliance(s) to be assigned to this security group. To remove a compliance code from a group, just delete the code.
Assign Roles to Compliance Security Groups
Pgm: INSGRROL – Assign Roles to Compliance Security Groups; standard Treeview path: System > Security > Compliance Security > Assign Roles to Security Groups
Once the compliance security groups are defined, either users or roles need to be assigned to the compliance groups. While assigning a role to the security group, there are options to limit rights of users to insert, update or delete compliance records belonging to a group.
Group
Enter or select from the LOV a compliance group.
Role
Enter or select from the LOV a role that to be assigned to the compliance group selected in the previous field. Check the boxes beside the role to give users with that role rights to insert, update or delete compliance records belonging to that compliance group.
NOTE: If user has limited role rights assigned in this screen, but at the same time is assigned as an individual user to the same compliance group in the Assign Users to Compliance Security Groups screen, they will get all rights to insert, update or delete compliance records belonging to a group. So, to limit user rights to insert, update or delete, it is wise to take that into account at the time of the initial set up and never have the same user assigned individually, and through their role, to the same group.