Benutzer und Benutzerrollen/en: Unterschied zwischen den Versionen

← Zum vorherigen Versionsunterschied Zum nächsten Versionsunterschied →

Version vom 10. Februar 2020, 07:20 Uhr

User-roles in HITGuard

Each user role has its own permissions and functions.
User roles can be given seperately for every modul.
That means a user can be an Expert in the Security Assessor but only an Professional or Practitioner in the Progress Monitor.
User-roles in the Progress Monitor, User-roles in the Security Assessor

Admin:

This role is responsible for administration as well as for managing other users. Administrators have no insight into data. So, although administrators can manage and create all management systems, they do not have access to their data, nor can they be defined as responsible persons.

At the first installation of the software at least one administrator must be defined.
There can be several administrators.
Performs purely administrative tasks.

Expert:

In this role you will be responsible for one or more management systems in your company.

Security Assessor (Risk Management):
- Can conduct evaluations, assess risk and also administer findings.
- Responsible for the administration of risk policy
Progress Monitor (measures and controls)
- Can create and administer measures and controls.
- Is responsible for the administration of settings in the progress monitor
Data Protector ( Privacy)
- Can create processing activities, assign TOMs, administer external parties and data subjects
Can create and manage management systems
Can carry out the access authorizations and basic configurations
can manage the administration

Professional:

Users of this role support the experts of the management systems in fulfilling their tasks. A Professional has access to all tasks in the management systems to which he is assigned, but has limited editing rights.

Security Assessor (Risk Management):
- Can conduct evaluations, determine risks and also administer findings.
Progress Monitor (measures and controls)
- Can create and administer measures and controls.
Data Protector (Privacy)
- Can create processing activities, assign TOMs and manage externals

Practitioner:
In this role, you have detailed information and implementation skills that are required from within the management system. Sharing your knowledge with HITGuard Experts is essential for a vibrant management system.

has an overview of all findings, controls and assessments assigned to him for response
will be reminded to complete his tasks
is the standard role that each user has over all modules

Diese Rolle verfügt über Detailinformationen und Umsetzungskompetenzen die aus dem Managementsystem heraus benötigt werden. Dass Practitioner ihr Wissen mit den HITGuard Experten teilen ist für ein lebendiges Managementsystem unbedingt erforderlich.

hat Überblick über alle ihm zugeteilten Maßnahmen, Kontrollen, Verarbeitungstätigkeiten und Bewertungen zur Beantwortung
wird an die Erledigung seiner Aufgaben erinnert
ist die Standardrolle die jeder Benutzer modulübergreifend besitzt.

User Administration

Creating a new user is divided into 3 steps:

Create user including initial password:
There are 2 ways to create a user
- Option 1: Userlist
Administration ==> User

In the userlist click on the plus button "Create user"
and create the user with all relevant Data.(see Profil).
- Option 2: fast entry
In the context of use, Active Directory Integration can be used to create a new user with minimal permissions via a person selection mask. E.g. when creating measures
User role allocation:
User roles can only be assigned by Administrators or Exoerts.
For this go to "Administration ==> user-role-assignment" and assign the respective roles to the desired user.
Important: Experts and Professionals need to be assigned to a management system in order to complete their tasks.Assigning Users to Management Systems
Change passwords:
Change your own password:
1. Click on the profile picture or the profile name.
2. click on "Change password" in the bottom right corner
3. Enter the old and new password and confirm
Change a password as an Administrator or Expert:
1. go to "Administration ==> user" and select the desired user
2. click on "Change password" in the bottom right corner
3. Enter the new password and confirm

@@ Zeile 33: / Zeile 33: @@
 '''Professional:'''
-User dieser Rolle unterstützen die Experten der Managementsysteme in der Erfüllung ihrer Aufgaben. Ein Professional hat Zugriff auf alle Aufgaben, in den Managementsystemen denen er zugeteilt ist, mit eingeschränkten Bearbeitungsrechten
+Users of this role support the experts of the management systems in fulfilling their tasks. A Professional has access to all tasks in the management systems to which he is assigned, but has limited editing rights.
-* Security Assessor (Risikomanagement):
+* Security Assessor (Risk Management):
-**Kann Bewertungen, Risiken erstellen und auch Feststellungen administrieren.
+**Can conduct evaluations, determine risks and also administer findings.
-* Progress Monitor (Maßnahmen und Kontrollen)
+* Progress Monitor (measures and controls)
-** Kann Maßnahmen und Kontrollen erstellen und administrieren.
+** Can create and administer measures and controls.
-* Data Protector (Datenschutz)
+* Data Protector (Privacy)
-** Kann Verarbeitungstätigkeiten erstellen, TOMs zuweisen und Externe verwalten.
+** Can create processing activities, assign TOMs and manage externals
 <div class="mw-translate-fuzzy">