Skip to main content
Menu

We’re running into a challenge with permissions in Incident IQ. Right now, it seems like we’re creating a unique permission for nearly every individual/team, which is leading to duplicated permission levels and inconsistency.

We’d like to move toward a more standardized approach, where roles are clear and easier to manage. Some staff/teams need full asset and ticket access, some need only ticket access, some manage parts inventory, and some just need the ability to submit tickets. We want to define a few core roles that cover these scenarios without having to create a new permission for every user/team.

I’m curious: how have other districts handled this? Are there best practices for structuring permissions in Incident IQ, or templates for standardized roles that work well? Any strategies, examples, or lessons learned would be really helpful.

Thanks in advance for your input!

Hi @EEllison 317dc98 conroeisd ! Happy to talk through this with you.


Our best practice is to utilize Teams to assign permissions to said Teams. Would you be able to offer more information about what permissions are being duplicated and causing inconsistencies?


One thing to remember: Roles are really just a way to group individuals. The role does not ultimately drive what a user can or cannot do, the permission policy does. There are a few things hidden behind the thinking of role like visibility and dashboard display options.


If you could provide more details to the first question above, I can see if I can advise further.

Thank you!

 

The challenge I’m running into isn’t so much the Teams or Roles themselves, but rather managing the permission policies. For example, I’ll have a user reach out saying they need to perform a couple of specific actions, and instead of being able to quickly identify which permission policy already covers those needs, I find myself digging through multiple policies to figure out what’s overlapping or missing.

What I’m trying to avoid is creating so many different permission policies that it becomes unmanageable and we lose track of where a user should belong. Ideally, I’d like a clearer way to map permissions to Teams so that when someone requests access, I can say, “you need X and Y, so you belong in this existing policy,” instead of building new ones that may duplicate what’s already there.

Do you have any best practices or suggestions for tracking or consolidating permissions so they don’t spiral out of control?

Hi ​@EEllison 317dc98 conroeisd  thank you for that information. Sorry to ask more clarifying questions but what types of access are you speaking to specifically?

Login? Submit Tickets? Work Tickets? Assets Check In/Out?

Since permissions are are additive you could potentially be more granular in the naming of their permissions to assign permissions for those specific desired actions.

For example, one of my districts has a permission policy that gives login/submit to just a certain subset of users/roles.

 

Reply


Terms & ConditionsCookie settings
Incident IQ logo

Incident IQ is a service management platform built for K-12 school districts, featuring asset management, help ticketing, facilities maintenance solutions, and more.

Corporate Headquarters:
750 Glenwood Ave SE, Suite 320
Atlanta, GA 30316