Certification
- archive: is allowed to change the state of a certification report to “Archive”
- certify: is allowed to mark the report as “Certified.” This is the final step and is typically restricted to the Partner’s CIO or other final certifier.
- delete: is allowed to delete a certification report. If the report is CERTIFIED, only the System Admin should be able to do this.
- review: is allowed to review the certification report on behalf of NSWERS; the related Cert Reviewer role should only be assigned to the “Default” tenant; Cert reviewer roles assigned to other tenants should be considered invalid.
- submit: is allowed to create and submit a new certification report.
- view: is allowed to list and view certification reports.
If the permission is found on the DEFAULT tenant, it is allowed to by-pass prefix checks; otherwise all access should be restricted to reports/files with 100% matching prefixes.
Leave a Reply