Analysis

The analysis requires these steps:

  1. Describe the work.
  2. Determine the access rights required for the work.
  3. List the data objects.

1. Describe the work

List the operations performed by the various users.

User/Function Operation Performed
Clerks Add applications to the /NewAppls folder
Processors Participate in a workflow
Display credit card applications
Set status (a document property) to approved, denied, or pending
Move documents from /NewAppls to /Approved, /Denied, or /Pending folder
Analyst Participate in a workflow
Display credit card applications
Set status (a document property) to approved or denied
Manager Add documents to /ProceduresSource folder
Publish documents to /Procedures folder
Display credit card applications in all folders
Administrator Define and update workflows, publish templates, and document classes

2. Determine the access rights required for the work

List the access rights required for the folder and document operations.

Folder Operations Users Access Rights Required
Add document to the /NewAppls folder Clerks View Properties
Add to Folder
View contents of /NewAppls folder Processors View Properties
Remove document from /NewAppls folder Processors View Properties
Add to Folder
Add document to /Approved, /Denied, /Pending folders Processors View Properties
Add to Folder
Add document to /ProceduresSource folder Manager View Properties
Add to Folder
Publish document to /Procedures folder Manager View Properties
Add to Folder
Display contents of /NewAppls and /Pending folders Manager View Properties


Document Operations Users Access Rights Required
Display applications Processors
Manager
Analyst
View Properties
View Content
Update application status (document property) Processors Modify Properties
Update application content Analyst Modify Properties
Modify Content
Publish procedures (source) documents Manager View Properties
View Content
Modify Properties
Publish
Use publish template to publish procedures Manager View Content
Define workflows, publish templates, and document classes Administrator None, the admin has Owner Control. Must belong to PWDesigner, if the group exists, to define workflows.
Display and print procedures All users View Properties
View Content

3. List the data objects.

List the data objects that must be secured.