We are trying to create a Group for auditees and have been experimenting with the correct rights (Access List) in order for the Auditee to be able fill the Audit. Generally the Role Management contains a lot of different rights which can be assigned to a Group and it is not always easy to understand what each Means. Can anyone provide some insights into this?
What we are trying to accomplish is to create a Group which will have the rights to fill in an Audit and nothing else.
We would also like that the Auditee are not able to see other Audits than the one he is assigned to, this I guess can not be done with rights, but can it be done with Workflows?
When someone with full rights are assigned to an Audit and goes to fill it, he can also see what other Auditees have filled, this we would also like to prevent.
ComplianceAudits/Analyze
ComplianceAudits/AnalyzeAuditee
ComplianceAudits/AuditeeExportFindings -> Download PDF findings
ComplianceAudits/AuditeeFeedback -> provide a feedback (the select dropdown with answers)
We’ll include this in the documentation later today. Thanks for bringing this up mvp !
Hello,
Is there updated documentation on this?
Some of the ACLs given here are no longer available in the latest enterprise edition.
Want to achieve same objective.
Individuals who are assigned to execute Audits, should be able to login and execute the audit and load comments and evidences.
They should also have some sort of dashboard giving a summary of their tasks
Same concept for Policy reviews and other applicable modules
ACLs dont need descriptions , the reason why is long but is explained on the 5th Basic Training session which covers in detail how to work with groups, user accounts, ldap sync, ACLs etc
Most default groups that come in eramba are enough for what you mention, but you still need to understand in detail how access management works , i strongly advice completing the video above.
If you need a specific ACL that is not defined on the default groups you can of course do it yourself, the trainnig above explains how that works, also the following video on the access management documentation: