This topics contains information on types of users, on assigning roles, and also contains an overview of all roles and rights.
Two types of users
Fortes Change Cloud allows for two types of users:
1.Administrators, who get access to everything everywhere. Administrator rights can only be granted in the user administration (only accessible by other administrators).
2.Users, who get access to entities and areas within Fortes Change Cloud by assigning them roles.
The roles that are assigned to a user determine what access the user has. Access can be restricted to various actions, like getting read-only access or allowing full access including removing items. A user can be assigned multiple roles at the same time. Below follows an overview of the various roles and the access rights associated with them.
Roles can be defined on Organisational unit level, each functional module and entities within the modules such as portfolio's, projects and plan items. As an administrator it is important to realize that you not only have access to everything, but also that you can see everything in the system such as tabs, projects etc. This is not a valid representation of what the average user is experiencing when he is using Fortes Change Cloud, only the item to which the user is assigned will be visible. To be aware of this difference, you could switch between admin and user accounts to see what's the difference.
How to assign roles
Roles can be set on various locations in Fortes Change Cloud. For example in a project.
Step 1. Click Edit Roles on the right in the dark header.
Step 2. Select the right users for the right roles.
The dialogue box for setting roles on a project.
Step 3. Click OK.
Note: Select user group ‘All Users’ to make all users member of the OU.
Note: For folders and projects security-enabled locations that have no security set, ALL members of the organisational unit have access. Please keep this in mind if you do not want users to access such locations.
Note: When a role is assigned to a user, they will see the item to which the role applies on their homepage (i.e. project or program)
Permissions per role: an overview
The tables below give an overview of all roles and their rights.
Roles on organisational units
Role |
Rights |
Organisational unit Manager
|
•Create and archive folders in the organisational unit •Assign folder manager(s) to a new folder within the organisational unit •Assign folder reader(s) to a new folder within the organisational unit •Manage roles at the organisational unit level •Access information of all folders and projects within the organisational unit •Modify picture and text on organisational unit dashboard •Defining resource availability •Allocating project and non-project work •Assigning and removing Non-project Activity Sets from the organisational unit •Allocating hours against projects and non-project activities |
Organisational unit Support |
•Identical access rights as the Organisational unit Manager |
Organisational unit Reader |
•Access information of all folders and projects within the organisational unit •Read access to the resource management of the organisational unit •This includes read access to all allocation requests, time allocations and availability data on the applicable organisational unit |
Organisational unit Member |
•Can be assigned to individual portfolios as readers or managers within the organisational unit Note: before being granted access to portfolios, users first have to be a member of Portfolio Management |
Roles on Project Management
Role |
Rights |
Project Management Coordinator
|
•Create and archive folders •Assign managers and readers to individual folders •Manage roles at all levels within the folders •Access to all folders and their underlying data •Remove and restore archived folders |
Project Management Reader |
•Read access to all data within project management |
Roles on Folders
Role |
Rights |
Folder Manager |
•Create, move and archive projects and project models on assigned level •Create, move and archive sub-folders •Remove and restore archived projects, project models on assigned level •Assign project manager to a new project •Manage roles (managers and readers) of assigned level •Create, edit and remove issues, documents, risk’s etc. within assigned level •Read all information within own and underlying levels •Set tolerances for the projects within assigned folder / project list •Modify layout of folder / project list dashboard |
Folder Support |
•Identical access rights as the Manager |
Folder Reader |
•Read all information within own and underlying levels |
Roles on Portfolio Management
Role |
Rights |
Portfolio Management Coordinator
|
•Create and archive portfolios •Assign managers and readers to individual portfolios •Manage roles at all levels within the portfolios •Access to all portfolios and their data •Create and archive portfolio items within portfolios •Administer portfolio models •Remove and restore archived portfolio items •Assign a project manager when starting a project from a portfolio item •Changing the portfolio dashboard layout |
Portfolio Management Reader |
•Read access to all data within the assigned level |
Roles within Portfolios
Role |
Rights |
Portfolio Manager
|
•Create and archive portfolio items •Assign managers, readers and members as owner to individual portfolio items •Access to all portfolios and their data •Create and archive portfolio items within portfolio •Remove and restore archived portfolio items •Assign a project manager when starting a project from a portfolio item •Changing the portfolio dashboard layout •Saving portfolio versions |
Portfolio Reader |
•Read access to all data within the assigned level |
Portfolio Members (available as of release 7.0) |
•Can be assigned to individual portfolio items as owner Note: before being granted access to portfolios, users first have to be a member of Portfolio Management |
Roles on Portfolio Items
Role |
Rights |
Owner |
•Add documents to a portfolio item •Editing all portfolio item specific and custom fields |
Roles within Custom Dashboards
Role |
Rights |
Dashboard owner |
•Can set the dashboard filter and modify the portfolio dashboard (views, reports etc.).
Note: The viewing permissions of the dashboard owner are used to identify the list of projects for the portfolio dashboard.
A common scenario is to have the dashboard owner someone that coordinates the portfolio management setup, or an administrator. By setting the correct dashboard filter, other users can see the information they need. |
Dashboard manager |
Dashboard managers cannot alter the dashboard filter but otherwise have full permission (except to edit project information as a portfolio dashboard is used for viewing/reporting). Dashboard managers are allowed to create views, reports etc. |
Dashboard reader |
Dashboard readers only have viewing access to the portfolio dashboard but cannot define additional reports. |
Roles on Programmes
Role |
Rights |
Programme Manager
|
•Manage all information within own programme •Edit programme plan, planning, logs, etc. •Edit members •Set the general status of own programme •Modify lay-out programme dashboard |
Programme Support |
•Identical access rights as the Manager |
Programme Reader |
•Read all information within a programme •Add issues to the issue log |
Programme Member |
•Access assigned items within the programme •Add issues to the issue log |
Roles within Projects
Role |
Rights |
Project Manager and Project Support |
•Manage all information within own project •Edit project plan, planning, logs, etc. •Edit project team •Set the general status of own project •Modify lay-out project dashboard |
Project Board members (Executive, Senior User, Senior Supplier) |
•Read all information within a project •Add issues to the issue log |
Team member
|
•Read all information within a project, except project costs information. •Add issues to the issue log |
Roles on Products / Plan Items
Role |
Rights |
Owner |
•Add deliverables (documents) to a product •Add new log items (issues, risks, changes, actions, quality reviews) related to the product. •Editing all product specific and custom fields |
Reviewer |
•Add deliverables (documents) to a product •Add new log items (issues, risks, changes, actions, quality reviews) related to the product. •Editing all product specific and custom fields |
Participant |
•Add new issues related to the product. |
Roles on Logs (Issues, Risks, Changes, Actions, Quality reviews)
Role |
Rights |
Owner |
•Change all information in a log item •Assign the log item to another project team member |
Creator |
•Change all information in a log item •Assign the log item to another project team member |
Project Manager and Project Support |
•Change all information in a log item •Assign the log item to another project team member |
Roles within Resource Management
Role |
Rights |
Resource Management Coordinators |
Has the following rights on all Resources within all underlying organisational units: •Defining resource availability •Allocating project and non-project work |
Resource Management Reader |
Has the following rights on all Resources within all underlying organisational units: •Access to all resources on the underlying organisational units. •Reader access to all allocation requests, time allocations, and availability data |
Roles within Benefits Management
Role |
Rights |
Benefit Management Coordinators |
•Creating, editing and removing benefits •Editing the benefits map •Editing benefit lay-out |
Benefit Management Reader |
•Reader access to all benefits and benefits map |
Role |
Rights |
Managers |
•Change Agile Team name •Manage members •Manage labels •Lists (create, edit name, move and archive) •Cards (create, edit name, move, add/remove attachments, add/change labels and archive) •Portfolio Report tab (access, edit and publish) •Archived and restore cards |
Teammembers |
Same right as Manager exept: •No access to manage members •No access to Portfolio Report tab |