Security

Access is given via specific responsibilities and/or security roles as indicated below:

** As standard default behaviour a Director and Business Unit Manager will only be able to view staff assessments for staff linked within and based on the Reporting Hierarchy. See below 'Director and Business Unit Manager security' for more details.

• General User can only see their own assessment.

• An Administrator can view all assessments.

Director and Business Unit Manager Security - Reporting Hierarchy (Default Behaviour)

Currently the default PES Security model is based on the Reporting Hierarchy. This means that a user is given the 'Org Unit Manager' permission from the PES List User page, they can see and Access:

• Assessments of all sub-ordinates based on the chain of command (which is derived from the List Users page "Reporting Officer" Listing). For example, Take 3 users - John, Adam and Tyler. Adam reports to John and Tyler reports to Adam. However Adam is in Johns department (Business Unit) which Tyler is from another. If John has Org Manager permission, under the reporting Hierarchy John can see the assessment of both Adam and Tyler.

List Users Page:

• Assessments where the current user is directly set as the Reporting Officer.

• Assessments where any of the sub-ordinates in the chain of command is set as the Reporting Officer.

Note: Business Unit Manager and Director Security levels via interplan/Planning is not taken in consideration of this security model and therefore are excluded from the setup.  

Director and Business Unit Manager Security - Organisational Hierarchy (Optional switch over)

The other option is to have the security based on the Organisational Hierarchy. This means that a user is given the 'Org Unit Manager' permission from the PES List Users page and can see and Access:

• Assessments of individuals linked to that users organisational unit (business Unit). For example, Take 3 users - John, Adam and Tyler. John is an Org unit Manager. John and Adam are both in the Corporate Services Department (BU) and Tyler is in the IT Department (BU). John can then see only Adams Assessment, since Adam is in the same Organisational unit (BU) as John.

• Assessments where the current user is directly set as the Reporting Officer

A Director can view an assessment as long as the Assessee is a direct-report. A Director cannot view assessments of an Assessee attached to another Directorate even when the Reporting Officer of that assessment is within the Directorate.

A Business Unit Manager can view an assessment as long as the Assessee is attached to that Business Unit. The Business Unit Manager cannot view assessments of an Assessee attached to another Business Unit even when the Reporting Officer is from the same unit.

In order to understand the assessment viewing privileges, let us look at the security implementation for an example organisation.

To Activate this Security please submit a 'deployment services request' via the CAMMS support portal and request to turn on the 'Enable Organisation Structure based security' setting. CAMMS are working on making this visible for PES Administrators and will be released in due course.

Administrator level access

• Has access to all system security settings

  • creating, editing and viewing users

  • access to the administrator management menu

• Has access to view all assessments

  • as per the example above, the Administrator can view the assessments of the following: Director - Project, Director - Planning, BU Manager - Project, BU Manager - Planning and all general users

  • has access to view organisational reports

• Analysis Services are enabled with the full view

Administrators cannot edit assessments belonging to other users; they can only modify their own assessments.

Director level access

• No access to system security settings.

• Has access to view all assessments under his/her Directorate, based on the security level selected (by Reporting structure or Organisational Structure)

  • as per the example above, the Director - Project can only view assessments under his/her Directorate

• Limited view of analysis services according to his/her Directorate.

Thus, the Director – Project can view any assessment where the Assessee is within the same Directorate. The Reporting Officer can be from the same or another Directorate as illustrated below.

Director cannot view an assessment of an Assessee from another Directorate even when the Reporting Officer is of that assessment is within the same Directorate.

Business Unit manager accessibility

• No access to system security settings

• Has access to view assessments only under his/her business unit, based on the security level selected (by Reporting structure or Organisational Structure)

  • as per the example above, the BU Manager – Project can only view assessments under his/her BU

• Limited view of analysis services according to his/her Business Unit

Thus, the Business Unit Manager – Project can view any assessment where the Assessee is within the same Business Unit (with the exception of the Director). The Reporting Officer can be from the same or another Directorate as illustrated below.

Business Unit Manager cannot view an assessment of an Assessee from another Business Unit even when the Reporting Officer is of that assessment is within the same Business Unit.

Copyright © 2014-2015 CAMMS Online Help. All rights reserved.

Last revised: November 26, 2017