Questions To Consider for Security
Click here to see this page in full context

Questions To Consider for Security

When setting up security for your agency, you need to consider what the structure of your agency is like. How does a proposal move through the system? Which tasks are shared with groups of people?

Consider when and what access groups of people need.

  1. How does a project/proposal progress through the life cycle? Create a list of the phases. You do not have to capture every phase of the life cycle, just those where web-based AASHTOWare Project will be used.

  2. When in the life cycle will users need access?

    a. What types of users will there be?

    b. What type of access will they need for each phase?

    c. If the access rights do not change between phases, then consider collapsing those phases into a single phase, at least from the perspective of security.

Consider which and what access:

  1. Which projects/proposal will users need to access?

    a. What are the attributes of the project/proposal that determine the access?

    b. What type of access will they need for each type of project/proposal?

  2. Which pages will they need to be able to access?

    a. What type of access will they need for each page?

Related topics:

Security Component and Row Level

 

Blue bar indicating the end of the topic