While implementing the Change Management application, it is important to identify the people in your organization who will need access to the Change Management application. Within the Remedy IT Service Management or the Smart IT application, there are two types of roles: - Permission roles
- Functional roles (see User roles in the change request lifecycle)
Important - To edit a change request, you must have a write license for the Remedy AR System server.
- To view existing change requests or to submit a new change request, you must have a read license for the Remedy AR System server.
- You do not need any specific permission to add a new work info or edit a work info that is not locked. However, you must belong to one of the change permission groups.
- Except
for the Infrastructure Change Config user, all other users can access the Product Catalog console from the Applications menu on the IT Home page of Remedy IT Service Management.
- A user with only Infrastructure Change User permission and Change Approver's functional role can modify a change request without being a member of the assigned group.
Permission rolesRemedy applications use the concept of permissions groups to control access to the various Remedy IT Service Management or Smart IT applications such as forms, views, consoles, and functions. Permission Groups are defined within the applications with a prescribed hierarchy. For example, the Master permission supersedes
the User permission, which in turn supersedes the Submitter permission, which finally supersedes the Viewer permission. So, if you want to give access to a user to change requests, give access to one of these four permission group types depending on the requirements. In addition to the above permission group types, you can use the Config permission group type for application administrative purposes in conjunction with any one of the above mentioned permission group
types.
Infrastructure Change MasterThe following sections describe the specific permissions and the level of access related to the Change application. Infrastructure Change Master is like an administrator for Remedy Change Management. This is the highest access level permission for creating and updating change requests. Important The
Master permissions groups should be granted in a limited fashion and only to key personnel who own a process or who have full control over schedules. Users with the Infrastructure Change Master permission can perform the following functions. For this, on the System Settings form, make sure that the value of Application permission model is set to Support group and
company.
Functions | - Create change requests.
- Modify all change requests and tasks independently of any functional roles or support group affiliations. Only the user with Infrastructure Change Master permissions can modify the change request after the change request is closed.
- Create and modify approval mappings.
- Create and modify change templates (modification of templates is restricted to those templates
where the user is a member of the Authoring Group).
- Edit tasks within the change request.
- Execute the change request to completion.
- Edit the change request after it is closed. The Infrastructure Change Master user cannot add new tasks or ad hoc approvers and also cannot change the class, status, and dates.
Additionally, users with Infrastructure Change Master permission can perform the following administrative functions (the same as the Change Config User):
However, if the Application permission model is set to Support group, any user with this permission can perform the same functions as that of a Change Manager or a Change Coordinator that belong to the assigned support groups.
|
---|
Best practice | Limit the use of these permissions to users playing a Change Manager role or a Change process owner requiring full access to all the change requests.
|
---|
Application user license type? | Fixed and floating Important: We recommend that you provide AR System Fixed and Change User Fixed licenses, since the Infrastructure Change Master is always monitoring and fixing change requests.
|
---|
Infrastructure Change UserThe Infrastructure Change Users perform the role of a Change Manager or Change Coordinator within the Change Management process. You should grant these permissions to users who perform the role of a support group lead within the Incident Management process or a problem coordinator role within the Problem Management process, or both, and who might need to
modify changes that result from Incidents, Problems, or Known Errors. Additionally, these permissions should be granted to users who perform the role of a Continuity Manager. An Infrastructure Change User who does not have the functional role of a Change Coordinator or a Change Manager for the assigned support group can modify the change request only till the change request is in the Planning In Progress stage (excluding changing the status). To execute the change request
(changing the status), the user must have a functional role of a Change Coordinator or a Change Manager for the support group to which the change request is assigned.
For example, Allen has the functional role of a Change Coordinator for the BackOffice support group. - When a change request is assigned to the BackOffice support group for the Change Coordinator Role, Allen can modify the change request and execute it to completion even if he
is not directly assigned as the Change Coordinator for that change request.
When a change request is assigned to the FrontOffice support group, Allen can modify the change request only till the change request reaches the Planning In Progress status. Tip Editing a change request implies that the change user can edit all the change attributes including the following: - Relationships
- Impacted Areas
- Requested For User (Customer Company)
- Change Location
- Task
- Operational/Product Categorization
- Financials
- Add Ad-hoc Approvers
- Business Time Segment
The Infrastructure Change User can edit all the change attributes, only if business rules allow to do so. For example, you cannot change the scheduled dates when the change request has reached the Scheduled status.
The
Infrastructure Change User can edit tasks when he belongs to the assigned support group for that task, even when he does not belong to the assigned support group for that change. For example, if Allen does not belong to assigned support groups for a change request, but he belongs to a support group to which the task is assigned, he can edit that specific task (for example, he can add a CI to that task). A task can be edited by any change user if that user is a part of the
assigned task group, irrespective of the status of the change request.
The following table lists the actions that the Infrastructure Change User can perform based on the permissions given to the user.
Permissions | Actions |
---|
The user belongs to the Change Manager, Change Coordinator, or the Change Requester's support group to which the change is assigned
| The user has the functional role of a Change Manager or Change Coordinator for the assigned support groups
| The user belongs to the Task Assignee support groups
| The user can edit the change request till the Planning In Progress stage (before the Planning is completed)
| The user can execute the change till the Completion stage (change status of the change request)
| The user can edit tasks beyond the Planning In Progress stage
| Yes
| Yes
| Yes
| Yes
| Yes
| Yes
| Yes
| Yes
| No
| Yes
| Yes
| Yes
| Yes
| No
| No
| Yes
| No
| No
| Yes
| No
| Yes
| Yes
| No
| Yes
| No
| No
| Yes
| No
| No
| NA
| No
| No
| No
| No
| No
| No
|
Important Users with the Infrastructure Change User permission and Support Group Admin functional role can create or modify support group change templates. Users with the Infrastructure Change User permission can perform the following functions:
Functions | - Create change request
- Modify change requests and tasks (with restrictions) based on the following functional roles and support group affiliations:
A user with this permission and no Change Management functional role, can only modify changes where the user is the Requestor or belongs to the Change Implementer Group. A user with this permission and the Change Coordinator Functional role,
can only modify changes where the user is the Requestor or belongs to the Change Implementer or Change Coordinator Group, or both. A user with this permission and the Change Manager functional role, can only modify changes where the user is the Requestor or belongs to the Change Implementer or Change Manager Group, or both.
|
---|
Best practice | Grant this permission to users performing the role of a Change Manager or Change Coordinator within the Change Management process. Also, grant this permission to users who play the role of a Group Coordinator within the Incident or Problem Management processes, or both, as they might need to create and modify changes that result from incidents, problems, or known errors.
|
---|
Application user license type? | Fixed and floating
|
---|
Infrastructure Change SubmitterUsers with Infrastructure Change Submitter permission can perform the following functions:
Functions | Important: - Users with these permissions cannot modify change requests.
- Unlike the Infrastructure Change user, a user with Infrastructure Change Submitter permissions does not need a license to submit the change request.
|
---|
Best practice | Grant this permission to users who must submit and view change requests. Typically, these permissions are given to problem coordinators and IT specialists, who often create change requests.
|
---|
Application user license type? | Read
|
---|
Infrastructure Change ViewerUsers with the Infrastructure Change Viewer permission can perform the following functions:
Functions | - Query all change requests.
- View change requests.
- Add a new work info to the existing change request.
Important: Users with these permissions cannot submit or modify change requests.
|
---|
Best practice | Grant this permission to users who need read-only access to view change requests. Typically, this permission should be given to most Remedy IT Service Management applications users (that is, users who do not already have the Master, User or Submitter permissions), so that they will be able to access information about changes being made to their infrastructure. This is also required in order to perform quick search on existing
changes.
|
---|
Application user license type? | None
|
---|
Infrastructure Change ConfigUsers with the Infrastructure Change Config permission can perform all change administration functions that include the following four components: Important The application user license type for Infrastructure Change Config is fixed and floating.
Component | Functions |
---|
Change Management Configuration
| - Configure the mid-tier Change calendar
- Configure the change prioritization values
- Configure the process flow next stage status transitions
- Configure the change rules (general field enforcement and notification rules)
- Configure the change risk factors
- Configure the change templates
| Foundation
| - Configure the approval process
- Register applications that will use Command Automation Interface, or CAI (advanced feature)
- Define commands, command parameters, and command parameter mappings for the CAI (advanced feature)
- KPI—configure the mid-tier Flashboard parameters
- KPI—configure and register the KPI titles (advanced option)
| Requestor Console
| - Create and update the summary definitions
| Task Management System
| - Configure the task assignment mappings
- Configure the task group templates
- Configure the task templates
- Configure the variable templates
|
Best practice Grant this permission to users requiring access to configure the component functions mentioned in the preceding lists. Typically, you grant these permissions to a user playing the role of Application Administrator. Change Management Dashboard UserUsers with Change Management Dashboard User
permission can view the Change Management Dashboard form. Best practice Grant these permissions to users performing the role of a Change Manager or Change process owner.
What permission always overrides all other permissions assigned to a user or group to which the user belongs full control no access change write?
"Deny" permissions generally take precedence over "allow" permissions. Permissions applied directly to an object (explicit permissions) take precedence over permissions inherited from a parent (for example from a group).
What permission always overrides all other permissions assigned to a user or group to which the user belongs?
Explicit permissions usually override inherited permissions.
Do Deny permissions override all other permissions?
You deny permissions (using explicit Deny) only to a specific user when it is necessary to override permissions that are otherwise allowed for the group to which this user belongs.
Do user permissions override group permissions?
Permissions applied directly to a user or object (explicit permissions) take precedence over permissions inherited from a parent (e.g., from a group). Permissions inherited from near relatives take precedence over permissions inherited from distant predecessors.
|