Set up the access / security level in the system

Owned by Erich Must Wessel
Last updated: Sept 08, 2022 by Corina Andersen (Unlicensed)
2 min read

Standard setup


Enter the users who will help build the system as soon as possible.

  • Only IT personnel who are to assign other rights, should be in the Owners group - no one else!

  • System owner should be in “System Administrator”

  • Those who will draw process maps should be in the following groups:

    • Members

    • Process Administrator

  • Access to end users is described later, they should be in the group Members without delete rights. Feel free to use AD groups for this user group, as an AD group for "All employees" will often be entered here.

  • Administrators within the various subject areas can be added to the Administrator groups, but only if they need this for technical and professional reasons. Everyone who is in Members without delete rights can use their relevant parts of the system with full functionality

 

Super Administrator / quick publishing

When building the system, it may be wise to avoid having to approve all new versions of drawings and PDs. You can grant users "Super Administrator" rights. In PM you will then see the lightning icon which can be clicked on to publish directly. A similar option is available in PDs where under the "Approval and publication" tab you can click on the "Quick publication" tab. No notification is sent out with quick publication.

  • Activate the "Super administrator" setting in the "Process" settings panel (requires System Administrator access).

  • Add them to the Process Administrator group.

  • This combination means that the user will have the opportunity to quickly publish drawings and PDs. This setting should be removed when entering operational mode, as all drawings and PDs must be approved and published by the owner of the process/drawing.

External users


To invite external users outside your company domain, you need to enable a global MS365 setting (outside QM365). Contact an MS365 administrator to enable this feature. In this way, you can e.g. invite, i.e. auditors, into the Restricted Readers group (only read rights). External users must be either an MS365 account or a registered Microsoft account.

 

Security level


You decide for yourself which level of security is desired for the users of your MS365 setup. It is important to know the consequences and risks for which level chosen. The more secure the login procedure, the more complex and safer it is - usually. Your IT manager decides this.