Creating a security policy

If you must use more than one security policy to implement the security setup for your organization, leave the Global security policy in its default state and complete the following steps.

Procedure

  1. Select Settings > Plan Settings > Security Policy Settings > Add Security Policy.
  2. On the Properties for <security policy name> page, enter a Policy Name and Description. The name must be unique.
  3. In the Roles section, enter a Name and Description for the first two roles that are planned for this security policy. If you need more than two roles, click Add Another Role.
  4. Click Save and Edit Permissions.
    The Permissions for <security policy> page displays. This page contains a table interface so that you can grant or block access to features for each role.

    You use the Access to list to select each object type, and then configure permissions for the roles in the security policy. See Editing the Global security policy.

  5. Click Save and finish.

    To disable the security policy at any time, go to the Security Policy Settings page and click Disable. Disabling a security policy means that users cannot select it in any subsequent projects, requests, or approvals that users create and you can no longer assign users to the security policy.