Security
- Role-based security
- Use role-based security to define application permissions for each role and to set access control (Read, Write, Delete, Associate) for each object that is included in that role. All users in each role inherit the same security access controls.
- Custom security
- Use custom security to set access control (Read, Write, Delete, Associate) on folders for
Project Milestones and Project Action Items. All objects in the folder inherit the same security
access controls. Note: The custom security feature is deprecated. Use role based security instead.
- Security rules
- You can define two types of security rule:
- Record level security rules
Use record level security rules to control access to individual objects in a folder. For example, two GRC domains share a common organizational hierarchy. They share some common object instances, such as processes, but they do not want to share other object instances, such as risks and controls. If you do not create security rules on objects, folder-based security applies.
Record level security rules have the following access controls: Create, Read, Update, Delete, and Associate. The Write access control in folder-based security is split into Create and Update for security rules, which gives you more control over what users can and cannot do.
- Field level security rules
Use field level security rules to control access to individual fields within an object.
- Record level security rules
Role-based security and security rules differ from profiles and field dependencies because security is applied everywhere rather than in the OpenPages with Watson application only.