A privilege indicates one or more system functionalities for which there is controlled access. For a flexible access control, various privileges were created to control access to the functionalities of each system module and solution, including: Access the Home Module, Manage Corporate Messages, View the Organizational Structure, Manage Business Components, Edit Authoritative Documents, Publish Surveys, Delete Risk Management Projects, Register Compliance Projects, View Event History, Register Dashboards, among others.
The figure below shows the equivalence between the Import Knowledge Base privilege and the corresponding functionality in the system, which allows a knowledge base to be imported through a specially formatted Excel spreadsheet.
Privilege |
Corresponding Feature |
Import Knowledge Bases |
|
In the figure above, there is a one-to-one relationship between the privilege and the system functionality. Often the relationship will be one-to-n; in other words, a single privilege can be associated with several functionalities. One example of this second case is the Manage the Organizational Structure privilege, which controls several functionalities: view and edit the organization’s properties; register, view, edit, and delete structural items (perimeters, assets, and asset components); etc.
Note that privileges are provided with the system installation and cannot be created, edited, or deleted.
The table below contains the system privileges and their respective descriptions:
Privilege |
Description |
General | |
SEARCH Content |
Perform the indexed content search function. The search results will only contain data the user has permission to view according to assignments to roles or by belonging to certain profiles. |
Administration | |
ACCESS Online Support |
Access the Modulo Risk Manager support system to open and manage tickets, as well as interact with the support team online. |
ACCESS the Administration Module |
Accessing the Administration module allows the module's homepage to be viewed and its functions to be browsed until explicit permission is required. That is, users will only have access to administrative functions (corporate messages, audit log, system settings, customizations, access control, integrations, information on the system, online support, and scheduled reports) if they have explicit permission to perform these activities. If this privilege is revoked, access to all functions of the Administration module will be blocked. |
MANAGE Access Control |
Manage access control settings related to authentication, user management, editing access profiles, editing restriction lists, and the authorization policy (permissions to privileges). |
MANAGE Access Rules |
View, create, edit, and delete access rules for tables and entries used in the Intelligence solution. |
MANAGE Administration Queries |
View, create, copy, edit, run, and delete queries from the Administration module using the wizard provided to view information on access control. This privilege also allows the audience and editors of each query to be managed. |
MANAGE Audit Log |
Configure the retention period for entries and view the system audit log. |
MANAGE Corporate Messages |
Manage (view, register, edit, and delete) corporate messages displayed in the Home module to users once they sign in. |
MANAGE Customizations |
Manage system customizations. This privilege allows users to adjust scales for indicators; customize message templates for sending e-mail notifications; configure options for risk and compliance projects; configure options for the interface; manage workflow rules; customize the formula used to calculate the Risk Score for vulnerabilities; manage object types; manage objects and attributes; customize event layouts; and customize options for the Continuity module, if this module is installed. |
MANAGE Custom Modules |
View, create, edit, enable, and disable custom modules through the module editor. |
MANAGE Integrations |
Create tasks for importing objects from LDAP directories; importing XML files containing new or updated assets, events, or vulnerabilities; synchronizing the database for the Dashboard module with the system database so that the latest information is displayed in the interface; accessing the Live Update service to automatically update content in the Knowledge module; importing vulnerabilities from NeXpose and Qualys scanners; importing assets from NeXpose and Qualys scanners; synchronizing events from the Workflow module with remediation tickets in Qualys; exporting query results to SQL tables; and executing HTTP calls. |
MANAGE Scheduled Reports |
View and delete reports scheduled throughout the system. |
MANAGE System Settings |
Manage technical configurations in Modulo Risk Manager related to the message service, collector servers, credentials, and obsolete elements, as well as configurations for the Intelligence solution. |
VIEW System Information |
View information on the system version and license, as well as general usage statistics. |
Home | |
ACCESS the Home Module |
Access the homepage of the Home module and its features. As the Home module does not include additional privileges, those who can access the module automatically receive permission to execute all the functions available in all its sections. As users are immediately redirected to the Home module after signing in, they must be included in at least one profile that has permission to this privilege in order to have access to the system. |
Organization | |
ACCESS the Organization Module |
Accessing the Organization module allows the module's homepage to be viewed and its functions to be browsed until explicit permission is required. That is, the user will only have access to organizational functions (managing assets, business components, people, and queries, as well as importing and exporting organizational information and generating reports) if the user has explicit permission to perform these activities. Regardless of the other privileges granted, if the "Access the Organization Module" privilege is revoked, access to all functions of this module will be blocked. |
CANCEL Interviews |
Cancel interviews from an organizational project. |
CANCEL Organizational Projects |
Cancel an organizational project. Once a project is cancelled, the interviews will also be cancelled. |
CLOSE Organizational Projects |
Close an organizational project. |
DELETE Organizational Projects |
Delete an organizational project. Once a project is deleted, the interviews will also be deleted. |
EDIT Business Components |
View and edit strategic and tactical business components, as well as configure the relationships among these business components and those between tactical components and assets. View, edit and clear values entered for business component attributes. |
EDIT Properties of an Organizational Project |
Edit the properties (name, leader, description, and additional information) of an organizational project. |
EDIT the Scope of an Organizational Project |
View and edit the scope (objects, surveys, and interviewees) of an organizational project. |
GENERATE Integrated Overview of Business Components |
Generate the integrated overview of business components, which displays the relationships between tactical and strategic components and between tactical components and assets. Consolidated risk, vulnerability, and compliance indicators are also displayed for these objects. |
GENERATE Organizational Reports |
Generate reports that consolidate the latest results of risk projects for objects from the organizational structure, as well as schedule these reports. Note that this privilege does not include the ability to generate or schedule generic reports, where permission for these actions is granted directly to the author, editor, or the audience of each report. |
MANAGE Business Components |
View, register, edit, and delete strategic and tactical business components, as well as configure the relationships among these business components and those between tactical components and assets. View, edit and clear values entered for business component attributes. |
MANAGE Groups of People |
View, register, edit, and delete groups of people and their members. |
MANAGE Organizational Queries |
View, create, copy, edit, run, and delete organizational queries with data on the organizational structure (perimeters, assets, asset components, and business components) and consolidated results of risk analyses. A wizard is available to assist in this process. This privilege also allows the audience and editors of each query to be managed. |
MANAGE Organizational Report Templates |
Create, edit, export, import, enable, disable, copy, rename, and delete organizational report templates. This privilege includes the ability to create SQL queries for insertion in these custom reports, as well as permission to generate reports from disabled templates (not released for use) for test purposes. In addition, this privilege also allows the audience and editors of each query to be managed. |
MANAGE People |
View, register, edit, and delete people from the system. |
MANAGE the Organizational Structure |
The Manage the Organizational Structure privilege means: Organization selected: View and edit properties of the organization. Perimeter selected: View vulnerabilities and view and edit properties, managers, attributes, and location of the perimeter. Asset selected: View and edit properties (including relationships with tactical business components), components, attributes, and location of the asset, as well as view vulnerabilities and the history of risk analyses. Asset component selected: View and edit properties of the asset component and view the history of risk analyses. This privilege also allows you to import and export the Excel spreadsheet used to create and edit organizational objects and their associations. However, this permission will only be granted to the profiles with this privilege, and not to the roles. |
REGISTER Organizational Projects |
Create new organizational projects. |
REOPEN Projects |
Reopen organizational projects. |
SEND Interviews |
Send interviews from an organizational project. |
VIEW Interview Results |
View the answers provided in interviews from an organizational project. |
VIEW the List and Properties of Organizational Projects |
View the list of organizational projects, select a project, and view its properties. |
VIEW the Organizational Structure |
The View the Organizational Structure privilege means: Organization selected: View the organization's properties. Perimeter selected: View properties, managers, attributes, and location of the perimeter, as well as view vulnerabilities. Properties of its parent and subperimeters can also be viewed. Asset selected: View properties, components, attributes, and location of the asset, as well as view vulnerabilities and the history of risk analyses. Asset component selected: View properties of the asset component and the history of risk analyses. The View the Organizational Structure privilege also allows business components associated with assets to be viewed through the organizational structure. The Perimeter Manager and Responsible for Asset roles will have a partial view of the organizational structure, since they will only be able to view the perimeters and assets to which they were assigned. |
Risk | |
ACCESS the Risk Module |
Accessing the Risk module allows the module's homepage to be viewed and its functions to be browsed until explicit permission is required. That is, the user will only have access to functions related to risk management projects and queries if the user has explicit permission to perform these activities. Regardless of other permissions granted, if the "Access the Risk Module" privilege is revoked, access to all functions of this module will be blocked. |
ANALYZE Asset Risks |
Analyze risks in the context of a risk management project by answering questionnaires, executing automated collections, sending interviews to interviewees and reviewers, processing analyses of vulnerabilities, and monitoring the analysis phase. |
CANCEL Risk Management Projects |
Cancel a risk management project and, consequently, cancel any risk events generated through it. When a project is cancelled, its interviews are also cancelled. |
CLOSE Asset Risk Analysis |
Close an analysis, in the context of a risk management project. |
CLOSE Risk Management Projects |
Close a risk management project. |
DELETE Risk Management Projects |
Delete a risk project and cancel any associated events, as well as disassociate events from different origins. When deleting a project, the interviews will also be deleted. |
EVALUATE Asset Risks |
Evaluate the risks identified from controls and vulnerabilities in the context of a risk management project. |
GENERATE Risk Reports |
Generate reports with analysis data (Risk Analysis Report, Executive Analysis Report, Detailed Risk Report, and Detailed Risk Report by Threat) directly from a project or from the Generate Reports section. This privilege includes the ability to schedule a report directly from a project or from the Schedule Reports section. |
IMPORT Occurrences of Vulnerabilities |
Import vulnerabilities identified in technology assets through a specially prepared template so that they can be analyzed in risk projects. This privilege also allows the spreadsheet template used to import occurrences of vulnerabilities to be exported. |
INVENTORY – Edit Analysis Parameters of Risk Management Projects |
Edit the analysis parameters (analyst, survey version, knowledge base version, interviewee, and reviewer) of a risk management project. |
INVENTORY – Edit Properties of Risk Management Projects |
Edit the properties (name, leader, substitute leader, description, and interview notifications) of a risk project. |
INVENTORY – Edit Scope of Risk Management Projects |
View and edit the scope of asset components and the scope of vulnerabilities of a risk management project. Asset components can also be included in the scope of projects through the organizational structure. |
MANAGE Asset Risk Report Templates |
Copy, enable, and disable report templates provided by Modulo, as well as export, import, enable, disable, copy, rename, and delete custom report templates that are used to generate reports and schedule their sending for risk projects. This privilege also includes the ability to create SQL queries for insertion in these custom reports, as well as permission to generate reports from disabled templates (not released for use in projects) for test purposes. |
MANAGE Risk Queries |
View, create, copy, edit, run, and delete risk queries using the wizard provided to view consolidated results of risk analyses. This privilege also allows the audience and editors of each query to be managed. |
MONITOR Treatment Events |
View risk treatment events related to controls and vulnerabilities, generated in the context of a risk management project. |
REGISTER Risk Management Projects |
Create risk management projects from scratch or by copying an existing project. |
REOPEN Asset Risk Analysis |
Reopen an analysis, in the context of a risk management project. |
REOPEN Risk Management Projects |
Reopen a risk management project. |
VIEW Analysis Statistics |
View statistics on the progress of questionnaires, collections, interviews, reviews, and vulnerability analyses, in addition to general information on the analysis phase of risk management projects. |
VIEW List and Properties of Risk Management Projects |
View the list of risk management projects and its graphs, as well as select a project and view its properties. |
VIEW Scope of Risk Management Projects |
View the list of risk management projects, select a project, and view its scope. |
Compliance |
|
ACCESS the Compliance Module
|
Accessing the Compliance module allows the module's homepage to be viewed and its functions to be browsed until explicit permission is required. That is, the user will only have access to functions related to compliance projects and queries if the user has explicit permission to perform these activities. Regardless of other permissions granted, if this privilege is revoked, access to all functions of this module will be blocked. |
ANALYZE Compliance |
Perform operations related to the analysis of non-compliances in the context of a compliance management project (send interviews). These operations include viewing the statistics available in the project's Analyze tab, send interviews and notify interviewees and reviewers, cancel sent interviews, and download summaries and proofs of completion of interviews and their revisions. The permission to generate analysis reports is controlled by a separate privilege. |
CANCEL Compliance Projects |
Cancel a compliance project and, consequently, cancel non-compliance treatment events generated through it. When cancelling a project, the interviews will also be cancelled. |
CLOSE Compliance Projects |
Close a compliance management project. |
DELETE Compliance Projects |
Delete a compliance project and cancel any associated events, as well as disassociate events from different origins. When deleting a project, the interviews will also be deleted. |
EVALUATE Non-Compliances |
Perform operations for evaluating non-compliances in the context of a compliance project. |
GENERATE Compliance Analysis Reports |
Generate the report with analysis data (Compliance Analysis Report) directly from a project or from the Generate Reports section. This privilege includes the ability to schedule a report directly from a project or from the Scheduled Reports section. |
INVENTORY – Edit Properties of Compliance Projects |
Edit the properties (name, leader, substitute leader, description, and interview messages) of a compliance project. |
INVENTORY – Edit Requirements of Compliance Projects |
Select the authoritative documents and requirements for a compliance project. |
INVENTORY – Edit Scope of Compliance Projects |
View and edit the scope (objects, surveys, response sets, interviewees, and reviewers) of a compliance project. |
MANAGE Compliance Queries |
View, create, copy, edit, run, and delete compliance queries using the wizard provided to view the results of compliance analyses. This privilege also allows the audience and editors of each query to be managed. |
MANAGE Compliance Report Templates |
Copy, enable, and disable report templates provided by Modulo, as well as export, import, enable, disable, copy, rename, and delete custom report templates that are used to generate reports and schedule their sending for compliance projects. This privilege also includes the ability to create SQL queries for insertion in these custom reports, as well as permission to generate reports from disabled templates (not released for use in projects) for test purposes. |
MONITOR Treatment Events |
View non-compliance treatment events generated in a compliance project. |
REGISTER Compliance Projects |
Create new compliance projects from scratch or by copying an existing project. |
REOPEN Compliance Projects |
Reopen a compliance management project. |
VIEW List and Properties of Compliance Projects |
View the list of compliance projects and its graphs, as well as select a project and view its properties. |
Knowledge |
|
ACCESS the Knowledge Module
|
Accessing the Knowledge module allows the module's homepage to be viewed and its functions to be browsed until explicit permission is required. That is, the user will only have access to functions related to managing compliance knowledge, risk knowledge, surveys, knowledge updates, and control/requirement mappings if the user has explicit permission to perform these activities. Regardless of other permissions granted, if the "Access the Knowledge Module" privilege is revoked, access to all functions of this module will be blocked. |
EDIT Authoritative Documents |
Edit custom authoritative documents, define the audience for a document, and export an authoritative document being edited to an Excel spreadsheet. |
EDIT Knowledge Bases |
Edit custom knowledge bases and their controls, view the history of modifications made, save the changes and notify the author, as well as export a knowledge base being edited to an Excel spreadsheet. |
EDIT Surveys |
Edit properties, questions, rules, or requirements (when applicable) of a custom survey. |
EXPORT and IMPORT Knowledge Updates |
Export and import risk and compliance knowledge updates (threats, threat sources, knowledge bases, groupings, response sets, authoritative documents, etc.) from a PKG file and view the history of updates. |
GENERATE Cross-Reference Reports |
Generate for browser viewing, export to other formats, and print the Cross-Reference Report for cross-referenced requirements between authoritative documents. |
GENERATE Knowledge Base Reports |
Generate for browser viewing, export to other formats, and print knowledge base reports (properties and controls), whether custom or created by Modulo. |
IMPORT Authoritative Documents |
Import an authoritative document to the system database from a specially formatted Excel sheet. This privilege also allows the spreadsheet template used to import authoritative documents to be exported. |
IMPORT Knowledge Bases |
Import a knowledge base to the system database from a specially formatted Excel spreadsheet. This privilege also allows the spreadsheet template used to import knowledge bases to be exported. |
IMPORT Surveys |
Import surveys to the system database from a specially formatted Excel sheet. This privilege also allows the spreadsheet template used to import surveys to be exported. |
IMPORT Vulnerabilities |
Import vulnerabilities to the catalogue of vulnerabilities from a specially prepared Excel spreadsheet. This privilege includes the ability to generate (export) the template (spreadsheet) used to import these vulnerabilities. |
MANAGE Authoritative Documents |
View all authoritative documents, as well as register, edit, and delete custom authoritative documents. |
MANAGE Control and Requirement Mappings |
View and delete mappings between controls from knowledge bases and requirements from authoritative documents. Mappings can be imported through a specially formatted Excel spreadsheet. This privilege also allows the spreadsheet template to be generated, which is used to import these mappings. |
MANAGE CPE and CCE Records |
View, register, edit, and delete unofficial CPE (Common Platform Enumeration) records. View and import CCE (Common Configuration Enumeration) records. |
MANAGE Groupings and Types of Groupings |
View, register, edit, and delete custom groupings and types of groupings, as well as view those provided by Modulo. |
MANAGE Knowledge Bases |
View all knowledge bases, as well as register, edit, and delete custom knowledge bases. This privilege includes copying any surveys associated with the knowledge bases when creating one through a copy. |
MANAGE Response Sets |
View all response sets, as well as register, edit, and delete custom ones. This privilege includes the ability to register and edit response options for a set. |
MANAGE Surveys |
View all surveys, as well as register, edit, and delete custom surveys. |
MANAGE Threats and Threat Sources |
View, register, edit, and delete custom threats and threat sources, as well as edit the Responsible property and associations between threats and threat sources provided by Modulo, when applicable. |
PUBLISH Authoritative Documents |
Generate versions of custom authoritative documents, allowing them to be used in compliance projects and for cross-references to be created with requirements from other published documents. |
PUBLISH Knowledge Bases
|
Generate custom versions of knowledge bases and, as a consequence, copy any surveys associated with a knowledge base, making them available for use in risk projects. |
PUBLISH Response Sets |
Generate custom response sets, making them available for use in compliance projects. |
PUBLISH Surveys |
Generate custom surveys, allowing for their use in projects. |
VIEW Authoritative Documents |
View custom authoritative documents and those created by Modulo. |
VIEW History of Knowledge Base Versions |
View the version history with information on changes made to each version generated of a knowledge base, whether custom or created by Modulo. |
VIEW Knowledge Base Statistics |
View statistics on all knowledge bases and controls registered in the system by asset type. |
VIEW Knowledge Bases |
View the list of custom knowledge bases or those created by Modulo. |
VIEW Response Sets |
View response sets, whether custom or created by Modulo. |
VIEW Surveys
|
View the properties of risk and compliance surveys and generate previews of them. |
Workflow |
|
ACCESS the Workflow Module
|
To improve usability and allow quicker access to events, the Workflow module does not have a homepage. When authorized to access the module, the user views the list of events. Access to functions related to event management (creating, editing, importing, etc.) will only be possible if the user is assigned to a role or has been included in one or more profiles that have permissions to exercise these functions. Regardless of other permissions granted, if the Access the Workflow Module privilege is revoked, access to all functions of this module will be blocked. |
ASSOCIATE and DISASSOCIATE Events |
Create, associate, and disassociate child events under an existing event, as well as manage its associations with related events. |
CANCEL Events |
Cancel events directly from the list or by editing a specific event. |
CLOSE Events |
Close events directly from the list or by editing a specific event. |
DELETE Cancelled Events |
Delete cancelled events from the list. |
EDIT Event Coordinator Property |
Edit the event coordinator, assigning a person or group of people to perform this role. |
EDIT Event Progress |
Update progress of the events selected and attach documents, though this does not include the operations to close or cancel events, which are governed by specific privileges. |
EDIT Events |
Edit the properties of the event (except for the coordinator, responsible, and event type properties), its associations with assets and business components, as well as its location and custom attributes. |
EDIT Responsible for Event Property |
Edit the person or group of people responsible for an event, assigning a person or group to perform this role. |
EDIT the Event Type |
Edit the event type and recover any attributes associated with the new type. |
EXPORT and IMPORT Events |
Create and edit generic and custom events through Excel spreadsheets. This privilege also allows the spreadsheet template used to create events to be exported, and allows events to be exported for editing. |
MANAGE Workflow Queries |
View, create, copy, edit, run, and delete queries in the Workflow module using the wizard provided to view information on events, as well as view events through the treemap and edit its configurations. This privilege also allows the audience and editors of each query to be managed. |
REGISTER Events |
Create new events and copy events in the Workflow module. |
REOPEN Events |
Reopen closed events directly from the list or by editing a specific event. |
VIEW Event History |
View the progress and complete history of event updates, including attachments. |
VIEW Events |
View the list of events and the properties of specific events, including their associations (with other events, assets, business components, controls, requirements, and vulnerabilities), attributes, and locations. |
Dashboard |
|
ACCESS the Dashboard Module |
View the homepage of the Dashboard module and browse its features until explicit permission is requested. That is, the user will only have access to functions related to managing dashboards and charts if they have explicit permission to perform these activities. Regardless of all other permissions granted, if the Access the Dashboard Module privilege is revoked, access to all the functions of this module will be blocked. |
DELETE Dashboards |
Delete a dashboard. |
EDIT Dashboards |
Edit a dashboard (edit its name and the option to display it by default, and add or remove charts). The dashboard template selected when it was created (one column, two columns, etc.) cannot be edited. When editing a dashboard, the author will also be able to select its audience. |
MANAGE Charts from the Gallery |
Register, view, edit, and delete charts from the chart gallery. |
REGISTER Dashboards |
Create a new dashboard, defining its name and template, as well as adding charts to it. When creating a dashboard, the author will also be able to select its audience. |
VIEW Dashboards |
View the list of dashboards and view a specific dashboard, including its properties and charts. |
VIEW the List of Charts in the Gallery |
View the list of charts in the chart gallery of the Dashboard module. |
Policy (These privileges will only appear if the Policy module is installed.) |
|
ACCESS the Policy Module |
View the home page of the Policy module and browse its features until explicit permission is requested. That is, the user will only have access to functions related to managing policies if they have explicit permission to perform these activities. Regardless of all other permissions granted, if the Access the Policy Module privilege is revoked, access to all the functions of this module will be blocked. |
CREATE Policies |
Create a policy, providing values for its properties and attributes. |
EDIT Policies |
View and edit a policy, providing values for its properties and attributes. This privilege also allows revision and approval workflows to be managed. |
EXPORT and IMPORT Policies |
Create and edit policies through Excel spreadsheets. This privilege also allows the spreadsheet template used to create policies to be exported, and allows policies to be exported for editing. |
PUBLISH Policies |
Generate a new version of a policy, making it available for an audience. |
VIEW Policies |
View the list of policies and select a policy to view it. |
Continuity (These privileges will only appear if the Continuity module is installed.) |
|
ACCESS the Continuity Module |
View the homepage of the Continuity module and browse its features until explicit permission is requested. That is, the user will only have access to functions related to Business Impact Analyses (BIA), plans, strategies, etc. if they have explicit permission to perform these activities. Regardless of all other permissions granted, if the Access the Continuity Module privilege is revoked, access to all the functions of this module will be blocked. |
APPROVE Business Component Data |
Verify a business component with data that was already validated by the person responsible for it and for which the workflow of data revision by approvers has been started. Each person selected as approver will approve or reject the data necessary for calculating the Impact Score of the business component. This privilege does not include the ability to modify this data. |
CREATE Events for Plans |
Start a workflow for published plans or those being edited. This involves creating an event in the Workflow module through the Continuity module with the plan attached to the event. |
CREATE Plans |
Create a plan of any type, assigning people and groups to roles, selecting the objects it will be associated with, and providing values for all its other properties. |
CREATE Procedures |
Create a procedure, providing values for properties and attributes. |
DELETE Plans |
Delete a plan (Contingency Plan, Incident Management Plan, Business Recovery Plan, or other types supported by the system). |
DELETE Procedures |
Delete a procedure and all of its previously published versions. Procedures that are being used in published plans will continue to be associated with the plans, but they will not be available in the repository for association with new plans. |
EDIT Plans |
Edit a plan for the Continuity module (Contingency Plan, Incident Management Plan, Business Recovery Plan, or other types supported by the system). This privilege includes the ability to associate published procedures and plans with a plan being edited. |
EDIT Procedures |
Edit a procedure to generate a new version. |
EXPORT and IMPORT Plans |
Create and edit plans through an Excel spreadsheet. This privilege also allows the spreadsheet template used to create plans to be generated, and allows plans to be exported for editing. |
MANAGE Business Impact Analyses |
Manage the list of business components (include and remove components in the list of components for calculating the Impact Score), edit the properties of a business component (approvers and analysis frequency), begin the workflow for reviewing business component data, cancel the revision of a business component, define a business component as critical to the organization, and view the history of Impact Score calculations for a business component, as well as its BIA data and continuity requirements. |
MANAGE Customizations for the Continuity Module |
Customize features from the Continuity module. |
MANAGE Strategies |
Select a continuity strategy for a business component. |
PUBLISH Plans |
Publish a plan in the Continuity module (Contingency Plan, Incident Management Plan, Business Recovery Plan, or other types of plans supported by the system). |
PUBLISH Procedures |
Publish a procedure to generate a new version. |
VALIDATE Plans |
Validate data of a plan that has already been published or is being edited. |
VIEW Plans |
View a plan and its properties (identification information, the person responsible for it, any objects related to it, etc.), its procedures, and its instructions. |
VIEW Procedures |
View a procedure and its attributes. |
ERM (These privileges will only appear if the ERM solution is installed.) |
|
ACCESS the ERM Solution |
View the homepage of the ERM solution and browse its functions until explicit permission is required. That is, users with this privilege will only have access to functions related to enterprise risk management if they have explicit permission to perform these activities. If this privilege is revoked, access to all functions of the ERM solution will be blocked. |
CREATE Enterprise Objectives |
Create an enterprise objective, providing values for its properties and attributes. |
CREATE Events for Enterprise Risks |
Start a workflow for enterprise risks. This implies creating an event in the Workflow module through the ERM solution with the enterprise risk attached to the event. |
CREATE Strategic Objectives |
Create a strategic objective, providing values for its properties and attributes. |
DELETE Enterprise Objectives |
Delete an enterprise objective. |
DELETE Loss Events |
Delete a loss event. |
DELETE Risks |
Delete an enterprise risk. |
DELETE Strategic Objectives |
Delete a strategic objective. |
EDIT Enterprise Objectives |
Edit all properties and attributes of an enterprise objective. |
EDIT Loss Events |
Edit the properties and attributes of loss events through the interface and the spreadsheet. |
EDIT Risks |
Edit the properties and attributes of an enterprise risk through the interface and the spreadsheet. |
EDIT Strategic Objectives |
Edit all properties and attributes of a strategic objective. |
MANAGE Controls |
View, create, edit, and delete controls through the interface, as well as export, edit, and import controls through the spreadsheet. |
MANAGE ERM Queries |
View, create, copy, edit, run, and delete queries in the ERM solution containing data on enterprise risks and loss events. A wizard is provided to help you create and edit queries. This privilege also allows the audience of each query to be managed. |
MANAGE KRIs |
View the list of KRIs and register and delete KRIs. |
MONITOR KRIs |
View the values of KRIs by enterprise risk. |
REGISTER Loss Events |
Register new loss events through the interface and the spreadsheet by completing their properties and attributes and assigning a person responsible for them. |
REGISTER Risks |
Register an enterprise risk through the interface and the spreadsheet, providing values for its properties and attributes. |
VIEW Enterprise Objectives |
View the list of enterprise objectives and select an objective to view its properties and attributes. |
VIEW Loss Events |
View the list of loss events through the interface and the spreadsheet, and select a specific event to view its properties and attributes. |
VIEW Risk Matrix |
View enterprise risks through the risk matrix. |
VIEW Risks |
View the list of enterprise risks through the interface and the spreadsheet, and select a risk to view its properties and attributes. |
VIEW Strategic Objectives |
View the list of strategic objectives and select an objective to view its properties and attributes. |
Dispatch (These privileges will only appear if the Dispatch solution is installed.) |
|
ACCESS the Dispatch Solution |
View the home page of the Dispatch solution and browse its functions until explicit permission is required. That is, users with this privilege will only have access to functions related to call assistance, dispatch, monitoring, queries, and customizations if they have explicit permission to perform these activities. If the Access the Dispatch Solution privilege is revoked, access to all functions of the solution will be blocked. |
MANAGE Calls |
Allows the Manage Calls section to be accessed in order to view and manage all calls on the map or window. Calls with a final status are only displayed in the window, while open calls are also displayed on the map. By default, this privilege allows you to view, register, edit, associate, and end calls, view their reports, and send calls to dispatchers. If the following features are enabled, this privilege also includes the ability to manage service units, access messages, view notifications, and cancel and transfer calls. |
MANAGE Customizations for the Dispatch Solution |
Allows features from the Dispatch solution to be customized, including the call origins, the types of identification, the call categories, associated events, and operating procedures. This privilege also allows you to register and edit these objects through spreadsheets. |
MANAGE Dispatch Requests |
Access the Manage Dispatches section and manage dispatch requests, service units, and occurrences assigned to the groups selected in this section. This privilege includes permission to open in a new window the tabs for dispatch requests and service units. For dispatch requests, allows you to view, end, and transfer dispatch requests; associate and disassociate service units from dispatch requests; add field events, and view operating procedures. For service units, allows you to view units, change the status of each, remove them temporarily, edit their garrisons, associate and disassociate them from requests, and manage the assignment of people to units through the Police Car Assignment section. For occurrences, includes permission to view occurrence reports, view, edit, associate, and disassociate occurrences. If the following features are enabled, this privilege also allows you to view notifications; put requests on hold; accept dispatch requests; send and receive messages on occurrences; and access the sections that contain information on calls and occurrences (Priority Occurrences, Unfinished Occurrences, and Today's Occurrences). |
MANAGE Queries in the Dispatch Solution |
View, create, copy, edit, run, and delete call queries using the wizard provided to view information on them. This privilege also allows the audience of each query to be managed. |
MONITOR Calls |
Allows the Monitoring page to be accessed to view all the calls on the map or window. Calls with a final status are only displayed in the window, while open calls are also displayed on the map. This privilege allows you to view calls in progress, view service units, and generate occurrence reports. In addition, if the following features are enabled, this privilege includes the ability to access the chat, view call notifications, and use the exporting feature in the Export Calls and Occurrences section. |
Integration (These privileges will only appear if the Integration module is installed.) |
|
ACCESS the Integration Module |
View the homepage of the Integration module and browse its functions until explicit permission is required. That is, users with this privilege will only have access to functions related to aggregated queries and to the integration map if they have explicit permission to perform these activities. If the Access the Integration Module privilege is revoked, access to all functions of the module will be blocked. |
Export and Import Layers |
Import and export the XML file containing the layer configurations for the maps of the Integration module and the Events and Dispatch solutions. This privilege also includes the ability to import KML files to the server so that they can be configured as layers. |
MANAGE Queries in the Integration Module |
View, create, copy, edit, run, and delete queries from the Integration module, which can later be used to create aggregated queries. This privilege also allows the audience of each query to be managed. |
REPLAY Conversation Recordings |
Replay conversation recordings from the Integration module. |
RUN Aggregated Queries |
Run queries from the Integration module. Users can only view the results of the individual queries of which they were included as audience. |
SEND Text Messages |
Allows you to send text messages on the Integration module. |
VIEW Live Camera Feeds |
View live camera feeds from the Integration module. |
VIEW Recorded Images |
View recorded images in the Integration module. |
Events (These privileges will only appear if the Events solution is installed.) |
|
ACCESS the Events Solution |
View the home page of the Events solution and browse its functions until explicit permission is required. That is, users with this privilege will only have access to functions related to event management if they have explicit permission to perform these activities. If the Access the Events Solution privilege is revoked, access to all functions of the solution will be blocked. |
CREATE Activities |
Create an activity through the main list, providing values for its properties and attributes. This privilege also allows activities to be created through the spreadsheet for scheduled events and the activity matrix. |
CREATE Scheduled Events |
Create a scheduled event through the main list, providing values for its properties and attributes. This privilege also allows events to be created through the spreadsheet for scheduled events and the activity matrix. |
DELETE Activities |
Delete an activity through the main list and the activity matrix. |
DELETE Scheduled Events |
Delete a scheduled event through the main list and the activity matrix. |
EDIT Activities |
Edit all properties and attributes of an activity through the main list, the spreadsheet, and the activity matrix. |
EDIT Scheduled Events |
Edit all properties and attributes of a schedule event through the main list, the spreadsheet, and the activity matrix. |
GENERATE Scheduled Event Reports |
Generate reports with data on scheduled events. This privilege includes the ability to schedule the reports. |
MANAGE Event Queries |
View, create, copy, edit, run, and delete queries in the Events solution using the wizard provided to view information on scheduled events and activities. This privilege also allows the audience of each query to be managed. |
MANAGE Scheduled Event Report Templates |
Create, edit, export, import, enable, disable, copy, rename, and delete report templates from the Events solution. This privilege also includes the ability to create SQL queries for insertion in these custom reports, as well as permission to generate reports from disabled templates (not released for use) for test purposes. In addition, this privilege also allows the audience and editors of each query to be managed. |
VIEW Activities |
View the list of activities and select an activity to view its properties and attributes. This privilege also allows activities to be viewed in the spreadsheet for scheduled events and the activity matrix. |
VIEW Scheduled Events |
View the list of scheduled events and select an event to view its properties and attributes. This privilege also allows events to be viewed in the spreadsheet for scheduled events and the activity matrix. |
Intelligence (These privileges will only appear if the Intelligence solution is installed.) |
|
ACCESS Perspectives of Reports from the Intelligence Solution |
View and use any perspective available in the system for the creation of intelligence reports. Users with this privilege may access perspectives, regardless of whether they are audience members. |
ACCESS the Intelligence Solution |
View the homepage of the Intelligence solution and browse its features until explicit permission is requested. That is, the user will only have access to functions related to managing intelligence reports if they have explicit permission to perform these activities. If the Access the Intelligence Solution privilege is revoked, access to all functions of this solution will be blocked. |
DELETE Default Reports of the Intelligence Solution |
Delete reports provided by Modulo with the installation of the Intelligence solution. |
EDIT the Audience of Default Reports of the Intelligence Solution |
Edit the audience of reports provided by Modulo for the Intelligence solution. |
MANAGE Intelligence Reports |
View, create, copy, edit, and delete intelligence reports. |
MANAGE Perspectives of Reports of the Intelligence Solution |
View the list and access all the perspectives of reports from the Intelligence solution. Audience members will be able to access the perspectives to which they were assigned, even without permission in this privilege. |
VIEW Default Reports of the Intelligence Solution |
View reports provided by Modulo with the installation of the Intelligence solution. |
Custom Modules (This privilege is repeated for each custom module. This means that it will only appear if at least one custom module was registered.) |
|
ACCESS the {module name} Module |
View the homepage of the {module name} module and browse its functions until explicit permission is required. That is, users with this privilege will only have access to functions related to this module if they have explicit permission to perform these activities. If the Access the {module name} Module privilege is revoked, access to all functions of the module will be blocked. |
Data Analytics (These privileges will only appear if the Data Analytics module is installed.) |
|
ACCESS the Data Analytics Module |
View the home page of the Data Analytics module and browse its functions until explicit permission is required. That is, users with this privilege will only have access to functions related to dashboard management and SQL queries if they have explicit permission to perform these activities. If the Access the Data Analytics Module privilege is revoked, access to all functions of the solution will be blocked. |
MANAGE Dashboards |
View, update the data sources, delete, configure access and select the audience of your dashboards; view the dashboards of which you are audience; and download the Dashboard Designer and the SQL Server database. This privilege also includes dashboard creation and editing through the Dashboard Designer. |
MANAGE SQL Queries |
View, create, edit, delete, and select the audience of SQL queries used in dashboards. |