User Types
File Access Manager is pre-configured with the following capabilities that can access the Web Interface. Additional capabilities can be created, according to the rights the different users require, with the assistance of SailPoint Professional Services or Partners.
The user types are:
- Administrators
- Compliance Managers
- Data Owners
- Auditors
- Other Users
| Capability Screens | Administrator | Compliance Manager | Data Owner | Auditor |
|---|---|---|---|---|
| Dashboard | ✓ | ✓a | ||
| Resource | ✓ | ✓ | ||
| My Tasks | ✓ | ✓ | ✓ | ✓ |
| Reports | ✓ | ✓ | ✓ | ✓ |
| Compliance | ✓ | ✓ b | ||
| Forensics | ✓ | ✓ c | ✓ | ✓ |
| Goals | ✓ | |||
| Settings | ✓ | ✓d |
a. Data Owners see a limited version of the dashboards that is relevant to the capability.
b. The Compliance Manager cannot access the Alert Rules under the compliance menu.
c. Compliance Managers have access to the Data Classification Forensics page only.
d. Compliance Managers' access to the Settings screen is limited to the Access Certification Message Template.
Note
For a full description of the permissions set per capability, see the web_permission table in the File Access Manager database.
Note
File Access Manager is highly customizable. Administrators and implementation teams may modify your system or add new capabilities to it that cause it to differ from the table above.
Administrator
The Dashboard is the first screen an Administrator sees.
Users with Administrator capability can access all screens and also have the full scope, meaning that they have access to all data.
Administrators can access all pages and buttons that data owners can access, including general settings, configurations, and the definition and management of crowd sourcing elections and goals.
Compliance Manager
My Tasks is the first screen that Campaign Managers see.
Campaign Managers can access the My Tasks, Reports, Compliance, Forensics, and Settings tabs.
Data Owner
The Dashboard is the first screen Data Owners see.
Data Owners can access the Dashboard, Resources, My Tasks, Reports, and Forensics tabs.
Data owners handle ad-hoc tasks but are also responsible for the data involved in those tasks. The Resources view displays problems to data owners for them to correct.
Auditor
The auditor capability is intended for users who perform internal audits, and assist in external audits, on user access information within the organization.
They can see and manage all reports and well as see and run the forensic screens.
Note
This capability does not by default have permission to delete reports.
Other Users
My Tasks is the first screen that most users see.
Users can access the My Tasks and Reports tabs.
Users handle ad-hoc tasks, including:
- Reviewing Access Certification Campaigns and Access Requests
- Asking for permissions through the Access Request Wizard
- Viewing reports