BPC RiskManager - Creating and Updating Resources

From RiskWiki
Revision as of 13:44, 10 September 2019 by Bishopj (talk | contribs) (Created page with "=Introduction= Resources and users can be created individually or in bulk within the system. A user must also be a resource, so resources are created first, and then grante...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Introduction

Resources and users can be created individually or in bulk within the system. A user must also be a resource, so resources are created first, and then granted access rights as a user.


Resources have no access rights within BPC RiskManager, but can receive emails, reminders, surveys, workflow tasks, etc.


There are broadly 4 ways to create resources and 2 ways to create users. All of these approaches broadly fall into:

  • Adhoc creation
  • Bulk creation


Ad hoc Resource Creation

Introduction

There are 3 ways to create resources ad hoc:

  1. By attempting to access the database with the risk manager client. When a user attempts to access a riskmanager database with a riskkmanager client unless they are already a user with access rights, access will be denied. However, riskmanager will recourd their network user name and automatically create a resource record for them. Thus an administrator can easilly convert the new resource into a user by accessing the resource list and adding their username, email and password (if locally managed access security is turned on). The next time that user attempts to access they will then be allowed in. There are no security implications in being a resource in riskmanager, so this method entails no risk to the application.

  2. By being created manually as a resource on the resources screen.

  3. By being granted responsibility dynamically for a risk, strategy/control, task, insurance policy, etc. on the appropriate screen.


The first two of these involve using the resources screen at some point to add the resource details. The third approach uses a shortform screen that opens from the relevant risk data screen, such as the "Maintain Risks" window. We shall therefore first consider this approach.


Creating resources dynamically from a Maintain Risks window

  • While editing a risk, strategy/control, task, insurance policy or other record to which responsibility can be assigned, you will find a button beside the responsibility fields as shown (circled in red):



  • Selecting this button will launch the following window:



  • Enter the data in the fields and select OK to save it and allocate the responsibility to that person. Note, while a network user name is not required at this point, you are strongly advised to supply the correct network username / login id now if expect to later grant this new resource user access to the system. We strongly advise AGAINST login id's with spaces in them. Although the system will generally handle them correctly, some browsers will have problems with survey screens if you later send surveys/compliance forms to these users. The system generally assumes that login id's do not have spaces.


Creating resources manually from the Maintain a Resource window

You can create resources individually (as well as revising their details) using the resource maintenance window.


  • Open your BPC Risk Manager client and select the Access tab (you must be an RM Administrator to do this)



  • Select the security buitton
  • A Set up Security window will open:
  • Select the "Step 1: Maintaining a Resource" tab and "Option 2: Create & Maintain a Resource"



  • To create a new resource, select "New"
  • Enter the details in the edit boxes in the top of the screen. Note that the "Display Name" will be automatically assembled from the First and Last Names, but you can override it.
  • If you know the network user name (login id) of the user, and you intend this resource to ultimately be able to login to RiskManager, you should override the automatically created network user name with the real user id. This will save confusion later and prevent duplication of user identities if they subsequently attempt to access and riskmanager automatatically creates a resource for them.
  • NOTE: If the user has ALREADY attempted to access the system, you will probably already have a resource entry created for them. In this case, just locate them in the grid, select the corresponding row and enter the appropriate details. Their network user name will already be correct.
  • Save the changes by selecting the green tick below the data entry feilds, or the save button at the top of the screen.
  • Close the window by selecting the close button on the window.



Bulk Resource Creation

Data Format

Resources can be created en-mass by importing from a comma separated file or merely copying and pasting from a spreadsheet.


1. If a comma separated file is used the format is:

CSV Format - Where only resources are being created

  • A text file
  • With NO heading row
  • Consecutive lines separated by cr/lf,
  • Each line containing:
loginid, first_name, last_name, title, email


CSV Format - Where resources and users are being created in one step

  • A text file
  • With NO heading row
  • Consecutive lines separated by cr/lf,
  • Each line containing:
loginid, first_name, last_name, title, email, password


2. If the list is to be copied from a spreadsheet, create a spreadhseet with the following column layout:


XL Format - Where only resources are being created

  • Consecutive rows,
  • Each row containing columns with:
loginid, first_name, last_name, title, email


XL Format - Where resources and users are being created in one step

  • Consecutive rows,
  • Each row containing columns with:
loginid, first_name, last_name, title, email, password


As you will be copying the cell block excluding any headings, whether the spreadsheet has headings or not is up to you - just do not include any headings in the block you select and copy.


Steps for Creating Resources in Bulk in BPC RiskManager

  • Open your BPC Risk Manager client and select the Access tab (you must be an RM Administrator to do this)



  • Select the security buitton
  • A Set up Security window will open:
  • Select the "Step 1: Maintaining a Resource" tab and "Option 1: Bulk Import of resources"



  • Now open an XL Spreadsheet and populate it with personnel data as shown, using the format below:
loginid, first_name, last_name, title, email


  • Mark and select the area and copy the selected area to the clipboard (ctrl-c)
  • Returning to BPC RiskManager, right click in the grid and choose "Paste". The grid will populate with the data you cpoied as shown:


  • Verify that the "Create User access accounts" is UNCHECKED, as if this were checked, login-ids would be created and the import data structure would have to be different.


  • You could alos have save the XL sheet to disk as a csv file, and read it in using "Load File" button.


  • Now select the "Import Resources" button and the resources will be automatically imported



Steps for Creating Resources and Users at the same time in Bulk in BPC RiskManager

Using the bulk resource importer, it is possible to create both resources and their matching user records at the same time.


  • Open your BPC Risk Manager client and select the Access tab (you must be an RM Administrator to do this)



  • Select the security buitton
  • A Set up Security window will open:
  • Select the "Step 1: Maintaining a Resource" tab and "Option 1: Bulk Import of resources"



  • Now open an XL Spreadsheet and populate it with personnel data as shown, using the format below:
loginid, first_name, last_name, title, email, password




Note: You can put any password in the password column you like.  Users can change their passwords after they 
log in.  Either  issue people with psuedo random passwords, or create all accounts with the same password and 
require your users to change them on access if you like, but we recommend sensible random values at least
as some users will forget to change the password, or may not access the system immediately.


  • Mark and select the area and copy the selected area to the clipboard (ctrl-c)
  • Returning to BPC RiskManager, verify that the "Create User access accounts" checkbox is CHECKED (as shown). When it is ticked, you will notice an extra column appear in the grid. This column is for the passwords in your spreadsheat.
  • Now right click in the grid and choose "Paste". The grid will populate with the data you copied as shown:



  • You could also have saved the XL sheet to disk as a csv file, and read it in using "Load File" button.


  • Now select the "Import Resources" button and the resources will be automatically imported, and for each row succefully imported the word "Done" will apear in the first column. For those that failed, an error message will be inserted in the first column.



  • With the resources properly imported and corresponding user records created we should next assign appropriate roles.
  • On the top tab bar select "Step 2 - Define Resource Access Rights". The user rights management screen will display.
  • Imported users are created with no rights as shown.



  • For each new user select their corresponding row in the grid.
  • In the lower half of the screen (below the grid):
  1. In the "Assigned Role" drop box field, select the user's access role from the list.
  2. If the user is an auditor, and should be able to create the audit assessments, etc. Select "Yes" from the "Is the user an Auditor?" field.
  3. Determine whether the user has restricted or unrestricted access rights, for risk types and business areas respectively. If the user is unrestricted you are finished with this part of the screen. If the user is restricted, you must grant them access to the particular risk types and business areas to which they should have access.
  4. Select the "Save" button at the top of the screen, if it is highlighted, to save the changes made so far.

    For "Risk Type" restricted users:
    • In the "Access to risk types" column left click on "Add".
    • Left mouse click the empty cell that appears in the left hand grid under "Risk Type", and a drop down box selector will appear.
    • Select a risk type from the list in the drop down box.
    • Select "Save" from the column control panel beside the Risk Type grid (if it is highlighted - the first row will often save automatically)
    • Repeat for each Risk Type to which you want them to have access.





    For "Access to Business Area" restricted users:

    • In the "Access to Business Area" column left click on "Add".
    • Left mouse click the empty "Business Group" cell that appears in the right hand grid under "Access to Business Areas", and a drop down box selector will appear.
    • Select a Business Group from the list in the drop down box.
    • Left mouse click the empty "Business Unit" cell that appears in the right hand grid under "Access to Business Areas", and a drop down box selector will appear.
    • Select a Business Unit from the list in the drop down box.
    • Select "Save" from the column control panel beside the "Access to Business Areas" grid (if it is highlighted - the first row will often save automatically)
    • Repeat for each business group / business unit combination to which you want them to have access.





  5. Finally select "Save" from the top of the screen (if it is highlighted) to save the changes made to this user.



  6. Repeat this process for each user for which you wish to make changes.
  7. When you are finished, simply close the screen using the normal windows close box in the top right hand corner of the window.


BackLinks

Retrieved from "https://www.bishopphillips.com/riskwiki/index.php?title=BPC_RiskManager_-_Creating_and_Updating_Resources&oldid=16"