Permissions in the ISMS
Access permissions in the ISMS are controlled via Dynamic permissions. In the ISMS app, you can assign permissions using the following properties:
-
App access: the users are allowed see the app ISMS restricted with only the risks he/she has created.
-
App-Admin: the user has all viewing and editing rights in the app ISMS.
-
App key user: this attribute has no special impact on the ISMS app. In the ISMS app, you cannot control permissions using this attribute.
Other permissions:
Users with responsibility in a risk, action or IS incident may propose, approve and reject for archiving.
Local ISO: In legal entities, you can assign local Information security officers. A local ISO has the following permissions:
-
has all viewing and editing rights in the app ISMS
-
is allowed to manage the need for protection on processes
-
is allowed to manage risks on IT systems
You can also assign permissions in the Local ISO attribute in folders where ISMS objects are created.