Cúram Service Planning includes security which protects a service plan from unauthorized users. Users can be restricted from accessing one or more elements of a service plan. They can also be restricted from maintaining service plan elements, approving the service plan or individual plan items, or from cloning a service plan.
The following describes the levels of security which governs service plans:
- Function security governs user access to all server
functions accessible from the client application. At the service
plan level, function security governs a user's ability to perform
operations such as approving the service plan, creating the
service plan, cloning the service plan, approving plan items, and
viewing the service plan. When a user attempts to perform a
function in the application, the system checks his or her security
role for the appropriate function identifier. Field security
governs user access to information in specific fields. For
example, it might be necessary to protect the display of the
actual cost expended on plan items from general user
access.
- Location based security is used to authorize a user's
ability to access service plan and client information based on his
or her location. A user can only access service plans in his or
her location or sub-locations where the user's location is the
same as the primary client's location. In general, there are four
security options which can be set for an organization; On, Off,
Restricted View, and Read Only. When 'Off' is specified, users can
view and maintain all service plans and client details
irrespective of their location in the organization. When 'On' is
specified, users can view and maintain all service plans and
clients in their own location and/or sub locations. They cannot
view or maintain any service plans or clients which exist in other
locations. When 'Restricted View' is specified, users can view and
maintain all service plans and all clients in their own location
and sub-locations. They can also see that service plans and
clients exist in other locations but cannot view the details of
the service plans or clients. When 'Read Only' is specified, users
can view and maintain service plans and client information in
their own location and can view service plans and clients in all
other locations. Exceptions to the above four scenarios can be
dealt with by giving the appropriate read and maintain rights to
additional locations. For more information on location based
security, see the Cúram Location
Administration Guide.
- Sensitivity is used to govern whether users should have
access to individual plan elements. Contracts, plan participants,
sub-goals, and plan items can each be assigned a sensitivity level
and when a user selects to view the plan element, the system
checks the sensitivity of the user against that of the plan
element to determine access.
- Notes are assigned a sensitivity level whereby only users
with a sensitivity equal to or higher than the sensitivity level
for the note can view the note details.
Important: A user's security access is set up as part of security administration. This is covered in detail in the Cúram Organization Administration Guide.