Note: Only Positions in the Administrator System Group can access the Security Centre.
Note: From Version 2.1, all Portal Users must be recorded in TriLine GRC with their own User-Id. See Portal Users for more information.
About The Security Centre
All users of the TriLine GRC system must have a Position.
All information stored in TriLine GRC is called a Record. For example a Compliance Process is a records.
The access of Records, and the roles and responsibilities in Records, is controlled by Security Groups. Security Groups are created by your Administrator (‘Users’ is a default Security Group that cannot be deleted, but is optional and not required to be used).
The access to TriLine GRC functionality is controlled by System Groups. Examples of functionality include creating records, and reporting. System Groups are part of the TriLine GRC system.
Positions get access to Records through membership of Security Groups.
Positions get access to TriLine GRC functionality through membership of System Groups.
The exception is the Administrators System Groups. Administrators also have access to all records, with Module Administrators only having access to all record in that module.
Security Groups control access to records. Security Groups operate across modules.
TriLine GRC is very flexible in the granularity of security that can be applied. At its broadest, you may have one Security Group with a membership of all Positions and access all records. To at its narrowest, a Security Group with a single position with access to a single Record.
Overview of Security System
This diagram shows how Positions access Records through the Security System.
Overview of Security System
Administrator Functionality Guide
This guide shows the main areas of control of the administrators.
Administrator Functionality Guide
Record Access Guide
This is the Record updating and viewing guide.
Record Access Guide
Reporting Function is dependent on Record access for every Position.
Security Management
Positions, Task Teams, Security and System Groups are managed via the Security Centre.
Record Security Rights are managed at the record level using Security Groups.
A Position’s level of access to Records, Main Menu options and functionality depends on the Positions membership of Security Group(s) and System Group(s).
Record Security Rights
Record Security Rights are assigned to Security Groups, not individual Positions. Positions inherit Rights as members of a Security Group.
Record Security Rights are assigned on the Security tab of each record. Only Position’s with Edit level access of this record, can see this tab.
Note: Positions in the Administrators System Group have Edit access to all Records. Positions in a Module Administrator System Group have Edit access to all records in that module.
TriLine GRC Security Rights
Security Group Category
Security Rights
Security Groups
Record rights are assigned to Security Groups. These rights are Edit, View-only or No Access. ‘Actioned By’ can be to Positions in Security Groups with Edit or View Access.
System Groups
Access particular features and functions via the Main Menu and Maintenance Menu. System Groups include Administrator, Super User, View Dashboard, View Reports, Create new Compliance Process, Contract Register, Risk and/or KRI.
All Position, Task Team membership, and Security Group membership is maintained in the Security Centre.
The Security Centre tabs
Security Centre page elements
Security Centre page elements
ID
Item
Description
1
‘Positions’ tab
Manage Positions (add/edit/obsolete). Assign Positions to, and remove Positions from, Task Teams and Security Groups. Show Password strength. Show Position Usage. Show add and block IP Addresses. Transfer Roles and Responsibilities.
2
‘Portal Users’ tab
Manage Portal Users (add/edit/obsolete). Show Password strength. Block or Allow access to the Portal for each user. Show Portal Users History. Convert Portal User to a TriLine GRC Position. IP Address Usage. Portal Usage.
3
‘Task Teams’ tab
Manage Task Teams (add/edit/delete). Assign Positions to, and remove Positions from, Task Teams. Show Task Teams Usage
4
‘Security Groups’ tab
Manage Security Groups (add/edit/delete). Assign Positions to, and remove Positions from, Security Groups. Show Security Group Usage.
5
‘System Groups’ tab
Assign Positions to, and remove Positions from, System Groups. System Groups include Administrator, module Administrator, _Create module record, Super User(Viewer), View Dashboard and View Reports. The System Groups pre-assigned list and groups cannot be added or removed here.
6
‘User Emails’ tab
Welcoming email send to new users of TriLine GRC and Portal.
7
‘Obsolete Positions’ tab
List of deleted Positions. Positions can be reactivated from here. Show Usage.
8
‘Load Positions’ icon
Hover over the Menu icon to reveal options. Click this icon to display the ‘Load Positions’ window.
9
‘Bulk Update’ icon
Hover over the Menu icon to reveal options. Click this icon to display the ‘Bilk Update’ window.
10
Page Help icon
Click this icon to view basic information for working with the Security Centre page.
Procedures
Access the Security Centre
Note:
Only Administrators can access the Security Centre.
From the Main Menu select Maintenance | Security Centre. The Security Centre page is displayed.
Click the Load Positions icon, item 8 on the Security page. The Load Positions page will appear. Click the Create a spreadsheet template1 button.
A spreadsheet template will appear containing two tabs. Sheet1 2 contains the column names. This cannot be edited here, it must be downloaded first.
Click the Save As button 1 to display the Save As window. Choose a different file type 2 if required. Click Download3 to save the spreadsheet template in your local system (following your browser prompts).
Open this file on your local system with your spreadsheet editor and enable editing. The first tab on your downloaded spreadsheet contains every column for this Position Record that must be loaded with data. Proceed by entering your data here. Note: Take care when pasting from other sources into this spreadsheet; be sure to use the “Paste Value” option. The second tab, the Information tab, contains a guide TriLine GRC required values. This is a guide of specific values that must entered on the first tab. The values in Bold will match columns from the first tab. Non bold values Next to the Bold value are valid values that must be used in the matching column. Also take special notice of the Notes on the right hand side columns.
When you have completed entering the data in your spreadsheet, save the spreadsheet, and close the spreadsheet program.
Back in TriLine GRC, click the Browse1 button and select the file you just saved.
With your file now showing 1, click the Load the Positions button 2.
If there is no errors with the data load, a success message will appear with a count of records loaded. If there is a problem with any data, the errors message will be displayed, and no data will be load. Correct the reported problem(s) and then attempt to load the spreadsheet again. You will need to repeat this process until all errors are resolved.
Note: If necessary, refreshed the page by pressing Ctrl F5.
Bulk Update Positions
Use Bulk Update Positions to bulk update existing positions to your TriLine GRC system.
Click the Bulk Update Positions icon, item 9 on the Security page. The Bulk Update Positions page will appear. Click the Create a spreadsheet template1 button.
A spreadsheet template will appear containing two tabs. Sheet1 2 contains the column names. This cannot be edited here, it must be downloaded first.
Click the Select Positions to Update1 button. A list of all Positions currently in your TriLine GRC system will appear. Select the Positions 2 requiring to be bulk updated. Click the Close3 button. The selected positions will appear in the template ready for download.
Click the Save As button 1 to display the Save As window. Choose a different file type 2 if required. Click Download3 to save the spreadsheet template in your local system (following your browser prompts).
Open this file on your local system with your spreadsheet editor and enable editing. The first tab on your downloaded spreadsheet contains every selected position and all columns that can be updated. Proceed by updating this data here. Note: Take care when pasting from other sources into this spreadsheet; be sure to use the “Paste Value” option. The second tab, the Information tab, contains a guide TriLine GRC required values. This is a guide of specific values that must entered on the first tab. The values in Bold will match columns from the first tab. Non bold values Next to the Bold value are valid values that must be used in the matching column. Also take special notice of the Notes on the right hand side columns.
When you have completed entering the data in your spreadsheet, save the spreadsheet, and close the spreadsheet program.
Back in TriLine GRC, click the Browse1 button and select the file you just saved.
With your file now showing 1, click the Load the Bulk Update button 2.
If there is no errors with the data load, a success message will appear with a count of records loaded. If there is a problem with any data, the errors message will be displayed, and no data will be load. Correct the reported problem(s) and then attempt to load the spreadsheet again. You will need to repeat this process until all errors are resolved.
Note: If necessary, refreshed the page by pressing Ctrl F5.
User Emails tab
When a Position is created or edited, there is the option to Send an Invitation email. Additional custom default text can be added to this message as required by your organisation.
