Who is this article for?

Administrators who need to understand Entity Permissions.

Administrator access to the Universe module is required.

This article explains the permission levels associated with defining and executing Actions across Clients (Incidents), Entities (ORCTs), and Audits (Findings) in Ideagen Internal Audit (Aura).

1. Understanding permission levels

The Permissions associated with defining Actions relate to three levels:

• Clients (Incidents)
• Entities (ORCTs)
• Audits (Findings)

Once Actions move on to the tracking stage they all become equal, so the Permissions associated with executing Actions (and performing Action Updates) apply to Actions of all types.

Note: The Finding Permissions are Audit-level only. Points can be raised against Actions (of all types) and Actions can exist outside of the context of an Audit.

2. Configuring Read Actions permissions

There are three different Read Actions permissions available:

• Read Client Actions
• Read Entity Actions
• Read Audit Actions

Each of these permissions can be set to one of the following values:

1. None – no access to Actions at all.
2. Owner – where the Person is the Owner of the Action.
3. Interested – Interested Parties.
4. Department – where the Person has the same Department as the Action.
5. Parent – where the Person is authorised to read the Client/Entity/Audit.
6. Universe – where the Person is authorised to read the Entity/Process cell of the Universe.
7. All – no restriction on Actions at all.