Managing PMO Team security profiles, privileges
Forum Sponsor
Top Posters
Nick Johnson-Pond
3 posts
sairedz25
0 posts
Ahmed Awad
2 posts
Syed Shoeb
0 posts
Vimukthi
0 posts
bal aji
2 posts
Lee Mallek
23 posts
Viet Tran
9 posts
Ola Gbotoso
0 posts
Jaturapit Multongka
1 posts
José
Thanks, José; it was filled with work.
These codes are valuable in case of cooperation - if customer or a subcontractor receive a project-file or have access to the database. In my opinion the most important characteristic of these codes is: They are not exported.
Examples might be:
- Characteristics of persons (workers) - regulations to keep personal data secret.
- Informations (classifications) on business partners which must be kept as companys secret.
- Financial classifications.
Much success with your project!
Regards
Dieter
Hi Dieter,
Thank you so much again. This is very helpful in creating the best possible security profiles and privileges for this folks. I also read the adm guide it was also helpful in getting this far.
I wanted to ask you about the EPS Secure Codes:
"A global or EPS-level activity code that is accessible only to certain users. If an EPS-level or global activity code is marked as a secure code in the Activity Code Definitions dialog box, the user will need the appropriate access rights to view, edit, delete and assign this code and its values."
Would you be able to provide me with a few examples of what these secure codes are, since I dont know what information one would want to hide with these codes?
Thank you Dieter,
Hope you had a great weekend.
José
What youll allow to your users depends on the organization you are working for. Basic principle for me allways was: Read access: liberal, Write: restrictive, Delete: Very restrictive. The roles that you defined seem quite reasonable. Just some remarks/questions:
CCAM: Needs
- View resource and Role Costs
- Edit Project Activities
PCC:
NOT: Edit Users, Edit Profiles
Shall she/he vreate projects and condes?
PM:
Plus: Edit WBS, Apply Actuals, Maintain and Assign BL, Monitor Risks...
Edit codes, resources, Imp/Exp, create projects should be restricted to yourself and your "Deputy"
RM:
Edit Committed Flag If youll use the web interface, then hell need it otherwise its not accessible.
Regards
Dieter
Okay PPL of Planning Planet and Dieter(Thank you for your guidance), This is what My Security Profiles and Privileges are staring to look like:
I place a (?) on privileges I wasnt sure about. So, if anyone would like to advise me on: Sec. Profile, if they should have/not have the PRIVILEGE I have ALLOWED THEM, listed below for each of the Profiles. Please, Let me know.
Security Profile:
Cost Control Account Manager (CCAM)
Privilege:
Store Period Performance
Edit Period Performance
View Project Costs/Financials
Edit Project WBS Financials
Edit EPS Financials
Edit Project Expenses
Project Controls Coordinator (PCC)
Privilege:
The PCC has all rights n privilege (edit access to all data, including administration rights)
Project Manager (PM)
Privilege:
Summarized Project
Edit Project Details Except Financials
Schedule Project
Apply Actuals?
Maintain Project Baseline?
Assign Project Baseline?
Edit Project Work Products and Documents
View Project Costs/Financials
Check In/Check Out Project
Assign Issue Forms
View Timesheets In Report
Project Top-Down Estimation?
Edit Project Thresholds, Issues and Risk?
Add/Edit Project Level Layout
Lead Project Planner/Scheduler
Privilege:
Create Projects Within EPS
Summarize Project
Edit Project Details Except Finacials
Adminster Project Externals Applications
Schedule Project
Level Resources
Apply Actuals
Store Period Performace?
Maintain Project Baselines
Run Baseline Updates
Assign Project Baseline
Edit Project Work Products and Documents?
Add/Edit Project Template Documents
Edit Project Activity Code
View Project Cost/Financials
Edit Project Activity Codes
Add Project Activity Codes
Edit Project WBS Except Financials
Edit Project Expenses
Edit Project Activity Relationship
Add/Edit Project Activities Except Relationship
Add/Edit Project Level Layout
Monitor Project Thresholds?
Edit Project Reports
Check In/Check Out Project
Assign Issue Forms
View Timesheets In Report
Import/View Contract Manager Data
Project Top-Down Estimation
Edit Project Thresholds, Issues and Risk
Create Work Group?
Modify Project Workspace and Workgroup Preferences?
Project Planner/Scheduler
Privilege:
Schedule Project
Apply Actuals
Maintain Project Baselines
Run Baseline Updates
Assign Project Baseline
Edit Project Work Products and Documents?
Add/Edit Project Template Documents
View Project Cost/Financials
Check In/Check Out Project
Edit Project Activity Relationship
Add/Edit Project Activities Except Relationship
Delete Project Activities
Add/Edit Project Level Layout
Resource Manager
Privilege:
Delete Resource
Add Resource
Edit Resource
Approve Resource Timesheet
Edit Global Reports
Edit Global Tracking Layouts
Edit Roles
Edit Global Calendar
Edit Resource Calendar
Edit Timesheet Dates
Edit Project Codes
View Resource and Role Costs
Schedule Project
Level Resources
Perform Acitivity Resource Request
Edit Resource Assignment For Resource Planning
Edit Committed Flag for Resource Planning?
Thank you all,
JoseR
(\__/)
(+.+)
(")_(")
José
The roles seem ok, maybe to add a resource planner (Head of Team or Department). Cost Control may work with a read-only profile.
You can start with those profiles:
- Read everything maybe without costs: The whole team
- Two "Admin Superusers" - one might be sick, on business trip,...
- Each planner and scheduler should have her/his test area with a right "Project Superuser" - or create a second database for testing.
- Be careful with the right to delete (projects, activities, codes, resources). Only Admins should be allowed
- Study the concept of "secure codes"
- Study the Help function, it is very good.
Dont forget to create and to enable a batch job (Tools --> Job Service) which summarizes every night.
Im very surprised to see you start with P3e.
Good luck!
Dieter