Security

Camms.Risk security and staff management has the following formats:

  • Fixed permission structure – designated roles entailing a standard set of capabilities around the system.
  • Flexible permission structure – dynamic roles, with the ability to define the capabilities of each role.

This article will guide you through the Fixed permission structure. Please refer to the 'Role Management' section in Camms.Strategy for guidance on the Flexible permission structure. 

Risk Management is available at a read-only access level for most users, with edit access given via specific responsibilities and/or security roles as indicated in the table below. Permissions can be accessed via Manage Users under Administration for a staff member, where a user role can be created and assigned.

| Security Level | Project Risk | Operational Risk | Strategic Risk | Corporate Risk | Register Access | Risk Actions | Risk Controls | Risk Settings | Administration Settings |
|---|---|---|---|---|---|---|---|---|---|
| Administrator | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | All | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Edit | View, Edit |
| Risk Manager | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Create, Edit, Delete | All | View, Create, Edit, Delete | View, Create, Edit, Delete | View, Edit | None |
| Business Unit Manager | View All, Create and Edit (Only to assigned Business Unit) | View All, Create and Edit (Only to assigned Business Unit) | View All, Create and Edit Only Assigned Records | View All, Create and Edit Only Assigned Records | All | View, Create, Edit (Only to assigned Business Unit) | View, Create, Edit (Only to assigned Business Unit) | Read Only | None |
| Director | View All, Create, Edit (Only to assigned Directorate and Business Unit) | View All, Create, Edit (Only to assigned Directorate and Business Unit) | View All, Create and Edit Only Assigned Records | View All, Create and Edit Only Assigned Records | All | View, Create, Edit (Only to assigned Directorate and Business Unit) | View, Create, Edit (Only to assigned Directorate and Business Unit) | Read Only | None |
| Operational Risk Editor | View and Edit Only Assigned Records | View, Create, Edit, Delete | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Operational Only | View, Create, Edit | View, Create, Edit | Read Only | None |
| Operational Risk Viewer | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Operational Only | View, Create, Edit Only Assigned Records | View, Create, Edit Only Assigned Records | Read Only | None |
| Project Risk Editor | View, Create, Edit, Delete | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Project Only | View, Create, Edit | View, Create, Edit | Read Only | None |
| Project Risk Viewer | View All, Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View and Edit Only Assigned Records | Project Only | View, Create, Edit Only Assigned Records | View, Create, Edit Only Assigned Records | Read Only | None |
| Strategic Risk Editor | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View, Create, Edit, Delete | View, Create, Edit, Delete | Strategic and Corporate Only | View, Create, Edit | View, Create, Edit | Read Only | None |
| Strategic Risk Viewer | View and Edit Only Assigned Records | View and Edit Only Assigned Records | View All, Edit Only Assigned Records | View All, Edit Only Assigned Records | Strategic and Corporate Only | View, Create, Edit Only Assigned Records | View, Create, Edit Only Assigned Records | Read Only | None |
| Operational User | View, Edit Only Assigned Records | View, Edit Only Assigned Records | View, Edit Only Assigned Records | View, Edit Only Assigned Records | No access | View, Edit Only Assigned Records | View, Edit Only Assigned Records | Read Only | None |
| Confidential | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | All | View and Edit Only Assigned Records, View all confidential records | View and Edit Only Assigned Records, View all confidential records | Read Only | None |


Note: See article Risk Approval for more details of the approval process and permissions related to Risk Approver and Risk Preparer.

Important: When the 'Security to view risks' setting is switched ON, only users with create and/or edit permissions for risks can view the relevant risk details. Create/edit privileges for the risk areas are based on the existing user permissions. This setting will be activated only upon request. If you wish to activate this setting, please contact Camms Helpdesk.

Any other permissions available in this area will be explained under the respective product areas from which they come. The Branch Risk Coordinator and Division Risk Coordinator permissions are obsolete, and will therefore soon be removed from the system.

  • Operational Users can only update their own risks (project, operational, corporate, and strategic risk) if the operational user is a responsible officer for that particular risk.
    Further, Operational Users can NOT view Dashboard, Dashboard/EIS/Risk Analysis in the left hand navigation bar (for Static Hierarchy only).
  • Action Owners can only update the risk actions which are assigned to them.
  • Executive Intelligence Permission will give a user access to the EIS and Analysis areas in the solution. The records displayed for each user under these areas can be found under the respective articles for these sections. 

The following additional rules apply within the Risk Management area:

Risk Settings area

  • This area is only accessible to individuals with the System Administrator and Risk Manager roles.

Strategic Risk area

  • This area will be editable by individuals with the Administrator, Strategic Planner, Risk Manager, and Strategic Risk Editor roles.
  • Responsible Officers for risk issues will be able to undertake risk assessments in the Strategic Risk area.

Operational Risk area

  • This area will be editable by individuals with the Administrator, Risk Manager, and Operational Risk Editor roles.
  • Risks and assessments will be editable by individuals with Director and Business Unit Manager roles.
  • Responsible Officers for risks will be able to undertake risk assessments in the Operational Risk area.

Project Risk area

  • This area will be editable by individuals with the Administrator, Risk Manager, and Project Risk Editor roles.
  • Risk Issues and assessments will be editable by the relevant Director, Business Unit Manager, and Action Owner roles.
  • Responsible Officers for risk will be able to undertake risk assessments in the Project Risk area.


Note: The Secondary Risk Responsible Officer has the same rights as the Primary Risk Responsible Officer. However, the Secondary Risk Responsible Officer will not be allowed to modify the Primary Risk Responsible Officer, or the status of the risk assessment.


Risk Control Permissions


| | Control Owner Dropdown | Control Owner Rating Dropdown | Control Authoriser Dropdown | Control Authoriser Rating Dropdown | Other fields related to Risk Control |
|---|---|---|---|---|---|
| Operational Risk Editor | Not Editable | Not Editable | Not Editable | Not Editable | Editable |
| Strategic Risk Editor | Not Editable | Not Editable | Not Editable | Not Editable | Editable |
| Project Risk Editor | Not Editable | Not Editable | Not Editable | Not Editable | Editable |
| Risk Responsible Officer | Not Editable | Not Editable | Not Editable | Not Editable | Not Editable |
| Administrator/Risk Manager | Editable | Editable | Editable | Editable | Editable |
| If only the Control Owner has been assigned | Not Editable | Editable | Not Editable | Not Editable | Editable |
| If only the Control Authoriser has been assigned | Editable | Not Editable | Not Editable | Editable | Editable |
| If Control Owner is same as Control Authoriser | Editable | Editable | Editable | Editable | Editable |


Staff Management

Staff details are managed in the two sections below:

  • Staff Record: Administration > Staff 
  • User Login: Administration > Manage Users 

Refer to the Administration – Users and Staff article for more information on staff.

Note: If you have purchased the Camms.Strategy product, the staff list and records will be driven from the same list in the Camms.Strategy system, and will be managed from the Camms.Strategy system Administration area.