Auditor

Author: Visual Guard 56 views

This user can access the repository in read only mode, he can also read the log and print the report.

  • The Auditor will be granted the Auditor and Restricted Auditor permission sets by default.
  • Depending on the permission sets the Auditor will be assigned following permissions by default:
DescriptionRemarks
Auditor Permissions
Applications\Can Read All ApplicationsThis permission gives you the right to read all applications.
Users\Can Read All UsersThis permission gives you the right to read all users.
Groups\Can Read All GroupsThis permission gives you the right to read all groups.
Restricted Auditor Permissions: The restricted auditor role will have access to applications for which he has been granted “Membership Manager” role.
Applications\Can Read ApplicationThis permission gives you the right to read applications for which you have the role “Membership Manager”
Audit and Reporting\Can Generate DocumentationThis permission gives you the right to generate documentation.
Audit and Reporting\Can Read Event LogThis permission gives you the right to read an Event Log.
Groups\Can Read GroupThis permission gives you the right to read group.
Users\Can Read UserThis permission gives you the right to read user.
Permissions\Can Read PermissionThis permission gives you the right to read a permission.
Permission Sets\Can Read Permission SetThis permission gives you the right to read a permission set.
Roles\Can Read Application RoleThis permission gives you the right to read an application role.
Roles\Can Read Shared RoleThis permission gives you the right to read a shared role.
Roles\Can Read System RoleThis permission gives you the right to read a system role.

Impact of Auditor Role on Applications

This module explains the impact on the applications if the user has been granted Auditor Role.

  • The User will be assigned following permissions:
DescriptionRemarks
Can Read All ApplicationsThis permission gives access to read all applications.
Can Read ApplicationThis permission gives you the right to read applications for which you have the role “Membership Manager”.
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
  • Since the user has permissions to Can Read All Applications and Can Read Application, the Can Read All Applications will override.
  • The user will be able to view list of all the applications. (A)
  • The user can click on the Application name to view the application information as shown below:
  • Other application related options will be disabled as shown below:

Impact of Auditor Role on Audit and Reporting

This module explains the impact on the audit and reporting if the user has been granted the Auditor Role.

  • The User will be assigned following permissions:
DescriptionRemarks
CanGenerateDocumentationThis permission gives you the right to generate documentation.
Can Read Event LogThis permission gives you the right to read an Event Log.
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
  • The user will be able to view list of all the applications (A).
  • Since the user has permissions to Can Generate Documentation he can use Generate Documentation option to generate documentation of each entity in the Visual Guard console.
  • Can Read Event Log permission allows access to viewing the event log as shown below:

Impact of Auditor Role on Groups

This module explains the impact on the groups if the user has been granted an Auditor Role.

  • The User will be assigned following permissions:
DescriptionRemarks
\Groups\CanReadGroupThis permission gives access to read a group for which you have the role “Membership Manager”.
\Groups\CanReadAllGroupsThis permission gives you the right to read all the groups.
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
  • The user will be able to view list of all the applications (A).
  • Since the user has permissions to Can Read All Groups and Can Read Groups, the Can Read All Groups will override.
  • The user will be able to view list of all the groups.
  • The user cannot rename, remove or add a new group, the options will be disabled as shown below:

Impact of Auditor Role on Permissions

This module explains the impact on the permissions if the user has been granted an Auditor Role.

  • The User will be assigned following permissions:
DescriptionRemarks
Can Read PermissionThis permission gives you the right to read a permission.
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
  • The user will be able to view list of all the applications (A).
  • Since the user has permissions to Read permissions all permission details will be displayed in read only mode. (A)
  • Additionally the options to rename, remove or add a new permission will also be disabled as shown below:

Impact of Auditor Role on Permission Sets

This module explains the impact on the permission sets if the user has been granted an Auditor Role.

  • The User will be assigned following permissions:
DescriptionRemarks
Can Read Permission SetsThis permission gives you the right to read a permission set.
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
  • The user will be able to view list of all the applications (A).
  • Since the user has permissions to Read permission sets all permission set details will be displayed in read only mode. (A)
  • Additionally the options to rename, remove or add a new permission set will also be disabled as shown below:

Impact of Auditor Role on Roles

This module explains the impact on the roles if the user has been granted an Auditor Role.

The User will be assigned following permissions:

DescriptionRemarks
Can Read Application RoleThis permission gives you the right to read an application role.
Can Read Shared RoleThis permission gives you the right to read a shared role.
Can Read System RoleThis permission gives you the right to read a system role.
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
  • The user will be able to view list of all the applications (A).
  • Since the user has Can Read Application Role privilege he can view just the role details.
  • Additional options such as rename, remove or add a new role will be disabled as shown below:
  • Similarly the Can Read Shared Role privilege will allow the user to view the shared role information in read only mode.
  • Additional options such as rename, remove or add a new role will be disabled as shown below:
  • Similarly the Can Read Special Role privilege will allow the user to view the special role information in read only mode.
  • Additional options such as rename, remove or add a new role will be disabled as shown below:

Impact of Auditor Role on Users

This module explains the impact on the users if the user has been granted an Auditor Role.

  • The User will be assigned following permissions:
DescriptionRemarks
Can Read All UsersThis permission gives you the right to read all users
Can Read UserThis permission gives you the right to read user
  • Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
  • The user will be able to view list of all the applications (A).
  • Since the user has both the privileges namely Can Read All Users and Can Read User permissions, Can Read All Users permission will override.
  • Can Read All Users permission will allow the user to view the list of all users.
  • The user can view the user details by clicking on username.
  • All details will be displayed in read only mode.

See Also: