Use > Incident Management > Security

Security

The following sections explain the Incident Management security roles, security areas, and rights.

Incident security areas

The security areas for Incident are Incident, Incident Tasks, and Incident Management Configuration. These areas contain the default security rights and settings for the Incident Management module. The security right settings will be inherited by the new roles created in an area when no settings are specified in the security role.

These security areas are used to set permissions to operators to provide access to particular area of Incident. The following table lists the areas and the relevant Incident menu items the operators can access.

Area

System Navigator menu items for this area

Incident

This area contains the default security rights and settings for Incident. The rights will be copied to new roles created for this area. However, the settings will only be inherited if there are no settings specified on the Role.

Incident Task

This area contains the default security rights and settings for Incident Tasks. The rights will be copied to new roles created for this area. However, the settings will only be inherited if there are no settings specified on the Role.

Incident Management Configuration

This area contains the default security rights and settings for Incident Management administration and configuration.. For example, Settings, Incident Categories, Incident Task Categories, and Solution Matching. The rights will be copied to new roles created for this area. However, the settings will only be inherited if there are no settings specified on the Role.

Note When you set the security rights for a security role in the Incident Management Configuration area:

  • The View right is to view the settings defined in the Administration menu and the Configuration menu. 
  • The Update right is to update the values of existing settings defined in the Administration menu and the Configuration menu.
  • The New and Delete rights are to create and delete a setting in the Configuration menu, such as category.
  • The Admin right is to add, edit, or delete the settings in the following menus:
    • Administration > Settings.
    • Administration > Configuration > Solution Matching

Default rights

The default rights defined in areas will be inherited when you create new security roles. The following table shows the out-of-box default rights defined in the Incident, Incident Tasks, and Incident Management Configuration areas.

Area Name View New Update Delete/Close Expert Admin
Incident TRUE FALSE Never Never FALSE FALSE
Incident Tasks TRUE FALSE Never Never FALSE FALSE
Incident Management Configuration FALSE FALSE Never Never FALSE FALSE

Default settings

The default settings defined in areas will be inherited when you create new security roles. In an out-of-box system, none of the default settings is checked or set in the Incident, Incident Tasks, and Incident Management Configuration areas.

Incident security roles and settings

The out-of-box security roles for the Incident module include the following:

  • Incident process owner
  • Incident coordinator
  • Incident analyst
  • Incident manager
  • Incident task assignee
  • Configuration auditor
  • Operator

Tip If you have upgraded from a previous version of Incident Management, which is not Process Designer based, see Incident Management security profiles mappings for more information about the mappings between the legacy Incident Management profiles and the current Process Designer security roles.

Out-of-box role rights

Based on the mapping rules, the rights and settings in previous security profiles are mapped to the rights and settings in the Incident area specified in the corresponding security roles. See the table below for the out-of-box security rights in the Incident, Incident Tasks, and Incident Management Configuration areas. This table only lists the new security roles that have different settings with the default rights.

Area Name Role Name View New Update Delete/Close Modify Template Expert Admin
Incident incident process owner TRUE TRUE Always Always TRUE TRUE TRUE
system administrator TRUE TRUE Always Always TRUE TRUE TRUE
Incident Tasks configuration auditor TRUE TRUE Never Never FALSE FALSE FALSE
incident analyst TRUE TRUE Always Always FALSE TRUE FALSE
incident coordinator TRUE TRUE Always Always FALSE TRUE FALSE
incident manager TRUE TRUE Always Always TRUE TRUE TRUE
incident process owner TRUE TRUE Always Always TRUE TRUE TRUE
incident task assignee TRUE FALSE When assigned to workgroup When assigned to workgroup FALSE FALSE FALSE
initiator TRUE TRUE Never Never FALSE FALSE FALSE
operator TRUE TRUE When assigned When assigned FALSE FALSE FALSE
problem manager TRUE TRUE Always Always TRUE TRUE TRUE
SD agent/manager TRUE FALSE When assigned Never FALSE FALSE FALSE
service tech TRUE TRUE Always Always FALSE FALSE FALSE
system administrator TRUE TRUE Always Always TRUE TRUE TRUE
Incident Management Configuration incident manager TRUE TRUE Always Always FALSE FALSE FALSE
incident process owner TRUE FALSE Never Never FALSE FALSE FALSE
system administrator TRUE TRUE Always Always TRUE TRUE TRUE

For information about the out-of-box role rights in the Common Configuration area, see Out-of-box role rights in the Common Configuration area.