Auditor Role
The Auditor Role function grants the ability to remove the auditor role access rights from the ACRM (Access Control Manager) and ACR (Access Control Representative) roles without effecting any of the other access rights or roles granted to users with the ACRM and ACR role. The Auditor Role can be applied to a user to specifically grant them the ability to perform audits. After the Auditor Role has been assigned the user will have access to the following screens within CONNECT:
Dashboard:
Current Audits
My Audits
Requests:
Access
My Access Request History
Credential/Badge
Activating The Auditor Role:
Navigate to CONNECT > Configuration > General, locate the Role Options and toggle the Manage Audits Via a Separate User Role option to the ON position (for further information refer to the Role Options section).
Manage Audits Via a Separate User Role is Disabled (OFF):
The functions and settings applicable when the Manage Audits Via a Separate User Role is disabled (OFF):
Auditor Role: Auditor role can still be configured and granted to users but will have no functionality.
Optional Group Inheritance: The ability to inherit managed access groups from ACR/ACRM to be applied to the Auditor Role.
Audit Campaigns: Both current and past audits will function as usual, with ACR and ACRM users able to access the audits.
Provisioning/Revoke Access: ACR and ACRM users can still manage access based on their role settings and access rights.
Audit Dashboards: My Audits and My Audit Dashboard for CONNECT Admins, ACRMs and ACRs remain based on existing identity assignments.
Notifications: Audit notifications remain unchanged.
If an audit campaign is currently in progress:
ACR/ACRMs can continue to access and act on audits as usual, based on identity assignments.
Dashboards and notifications follow the usual identity-based assignments.
Auditor Role configurations remain as they are.
Manage Audits Via a Separate User Role is Enabled (ON)
The functions and settings applicable when the Manage Audits Via a Separate User Role is enabled (ON):
Role-Based Audit Access: ACR/ACRMs will not have the ability to manage audits based on identity assignments. Only users with the Auditor Role, as defined by their Access Groups, can manage audits.
Advance Auditor Role Setup: The ability to set up Auditor Roles in advance for future audit periods.
Provisioning/Revoke Access: ACR/ACRMs can still manage access based on their role settings and access rights.
Audit Dashboards: My Audits and My Audit Dashboard are now only available to those with the Auditor Role, and access is controlled by their Access Groups.
Notifications: Audit notifications are now aligned with the Auditor Role and the applied Access Groups.
If an audit campaign is currently in progress:
ACR/ACRMs can no longer manage audits based on identity assignments.
Only Auditor Role users, based on their Access Groups, can access and act on audits.
My Audits and My Audit Dashboard are controlled exclusively by the Auditor Role and the applied Access Groups.
Audit notifications are based on the Auditor Role and the applied Access Groups.
Assigning the Auditor Role to an Identity:
Note
Refer to the Roles section of this guide for further details on the Role configuration process. The process detailed below is a brief overview of assigning the Auditor Role to an identity.
Navigate to CONNECT > Configuration > Roles.
Select the identity that is required to have the Auditor Role granted to them.
Click the Manage button in the Auditor section.
Select an individual or multiple access groups from the drop down box and click the Add button to add these access groups to the Auditor Role. Alternatively click the Bulk Add button to add all available access groups to the Auditor Role.
Bulk Add will allow the user to select several or all access groups to be assigned to the audits available for the Auditor Role user. Click the Add button to add these access groups to the Auditor Role.
