Roles for the Compliance Suite platform and assignment
| All users who need to access Compliance Suite must have a: |
-
License for Dynamics and
-
Role in Compliance Suite
Roles in Compliance Suite
The following roles are the most commonly used in Compliance Suite:
| Role | CCS Manage (former CCS Self-Service) | CCS HR | CCS HR Modify | CCS GDPR | CCS Service Desk | CCS Administrator | CCS Auditor | CCS Updater | CCS Service | CCS Report |
|---|---|---|---|---|---|---|---|---|---|---|
Description |
Can create and see own approve and implement |
See all people, create new ones and order accesses |
Same as HR + correct selected organizational entities |
See GDPR dashboard, correct GDPR entities |
See GDPR dashboard, correct GDPR entities |
Everything except delete People directly |
Read everything |
Can update CCS Solution |
Can everything that CCS Service Account must be able to, ie. that which CCS performs automatically |
See all CCS Reports |
Example |
Manager/System owner |
HR Employee |
HR Employee |
DPO |
Employed in Service Desk |
IT administrator |
Revision |
SIVIS IT |
SIVIS CCS Service |
Management & IT |
Dashboards |
Manage Board |
HR Board, Organizational Updates Board |
HR Board, Organizational Updates Board |
GDPR Board |
All boards |
All boards |
All boards |
All boards |
Report Board |
|
Access |
Create, Read(Owner), Update(Owner) |
Create, Read,Update(Owner) |
Create, Read,Update(Owner) |
Read |
Create,Read,Update |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
ADDS Organizational Unit |
(none) |
Read |
Read |
Read |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Application, Application Type |
Read |
Read |
Read |
Create, Read, Update |
Read |
Create, Read, Update |
Read |
Create, Read, Update,Delete |
Read |
|
Asset |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Asset Type |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Auto Group Definition |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Auto Role Binding |
Read (will need to have read to view/create access from subgrid from the personal forum) |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Auto Role Definition |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Blacklist |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Boarding Definition |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Boarding Step |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Boarding Task |
Read(Owner) |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Business Process |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Category |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Company |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Company Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Compliance Suite Configuration |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
(none) |
Cost Center |
Read |
Read |
Create, Read, Update |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Cost Center Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Country |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Custom Connector |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Custom Resources Type+ Set |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Data Type |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Data Type Article |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Department |
Read |
Read |
Create, Read, Update |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Department Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Distribution List |
(none) |
(none) |
(none) |
(none) |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Division |
Read |
Read |
Create, Read, Update |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Division Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Exchange System |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Group (User Group) |
(none) |
(none) |
(none) |
(none) |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
History Log (Log Entry) |
(none) |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Initials Suggestion |
Read |
Read |
Read |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Initials Suggestion Definition |
Read |
Read |
Read |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Job Title |
Read |
Read |
Create, Read, Update |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Job Title Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Language |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
License |
(none) |
(none) |
(none) |
(none) |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
License Service Set |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
License Set Pool |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Location |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Location Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Logos |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Mail Alias |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Mail Group (Shared Mailbox) |
(none) |
(none) |
(none) |
(none) |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Mail Notification |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Manage Definition |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Membership |
(none) |
(none) |
(none) |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Menu |
Read |
Read |
Read |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Menu Item |
Read |
Read |
Read |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Navision System |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Note |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Office 365 Group |
(none) |
(none) |
(none) |
(none) |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Order |
Create,Read(Owner),Update(Owner) |
Create,Read,Update(Owner) |
Create,Read,Update(Owner) |
Read |
Create,Read,Update(Owner) |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Password Definition |
(none) |
(none) |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Password Definition Word |
(none) |
(none) |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Person |
Create, Read, Update(Owner) |
Create, Read, Update |
Create, Read, Update |
Read |
Create,Read,Update |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Person Quick Role Process |
Create, Read, Update |
Create, Read, Update |
Create, Read, Update |
Read |
Create,Read,Update |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Person Status |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Person Type |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Position |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Position Type+Set+SetType |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Process Activity |
(none) |
(none) |
(none) |
Create,Read,Update |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Role |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Rule |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Rule Condition |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Rule Membership |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
Salutation |
Read |
Read |
Create,Read,Modify |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Shared Folder |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Skype System |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
System Partition |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Dynamics 365 Teams |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
Create,Read,Update,Delete |
Read |
|
Ticket |
(none) |
(none) |
(none) |
(none) |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
Ticket System |
(none) |
(none) |
(none) |
(none) |
Read |
Create,Read,Update |
Read |
Create,Read,Update,Delete |
Read |
|
Used Word |
Read |
Read |
Read |
Read |
Read |
Read,Update |
Read |
Create,Read,Update,Delete |
(none) |
|
User System |
Read |
Read |
Read |
Read |
Read |
Read |
Read |
Create,Read,Update,Delete |
Read |
|
User System Identity |
(none) |
Read |
Read |
Read |
Roles must be assigned to users within Dynamics in order for a user to use CCS.
Assign a Compliance Suite role
-
Click on the settings icon in the right-hand corner and select Advanced Settings.
-
Select "Settings" and "Security".
-
Click on "Users".
-
Select the user to whom you would like to assign a Dynamics role by clicking on "Full Name" to open the user.
-
Click on "Manage Roles" to add a role to the user.
-
Select the role you want the user to have, for example, CCS Service Desk, and then click "Ok" to save the setting.
The user has now been assigned a role in Compliance Suite and can access the system.
Overview of roles in Dynamics
You can also go to "Security Roles" - here you will see all the active roles in Dynamics:
Click on a given role and see what the role gives access to under the tab, "Custom Entities":
| Once you save any changes made to a given role, they take effect immediately, so be careful about changing the role settings. |
Dynamics 365 - Access Team Connector
The entity, "Dynamics 365 Team" is similar to OU for ADDS, but does not have a priority.
All teams are imported automatically and you can map one or more CCS roles to teams.
Only people who have a CRM license can join the team, otherwise the membership will indicate "User has no license" (like in the case of shared mailbox access).
This is relevant for Request, Change and Request Template.