Editing administrators

Administrator user names and email addresses are defined under Global Settings, and cannot be changed in the Data Security module of the Security Manager.

Administrator roles and access permissions, however, are configured in the Data Security module.

To edit administrator permissions:

Steps

  1. Go to the Settings > Authorization > Administrators page in the Data Security module of the Security Manager.
  2. Select the name for the administrator whose profile you want to edit. Note that changes to administrator profiles are recorded in the audit log.
  3. If the administrator type is User, select a role for this administrator from the drop- down list (see Working with roles section), or click New to create a new role.

    Click View Permissions to view the permission settings for the selected role.

    Note: You cannot configure a role if the Administrator type is Application.
  4. Under Incident Management, indicate which incidents this administrator should be able to manage. By default, the administrator can manage all incidents from all policies and business units. Click the links to modify these settings. See:
    • Select Incidents
    • Select Policies
    • Select Business Units
  5. To add a record to the audit log each time this administrator views incident details in the Incidents report, select Audit incident detail views.

    The audit log (Main > Logs > Audit Log) is updated when the administrator clicks (and highlights) an incident in the report, and details are displayed in the Preview pane (triggered values, properties, forensics, and history). The log is also updated when the administrator double-clicks an incident and opens its details in a new browser window.

    If this administrator is assigned a role with permission to “perform operations on incidents,” then records are also added to the audit log when the administrator emails incidents to a manager or other recipient, or when the administrator exports incidents to a CSV or PDF file.

    This option does not add a record when the administrator views the incident summary information that is displayed when he or she runs a report.

    By default, administrators are not audited when they view incident details.

    Note: If local administrators are also defined as members of a user directory group, the permissions you assign here supersede those of the group.
  6. Click OK.