Skip to main content
Question
EOS Process
Jenny Leman
President
Asked a question 2 months ago

Working on our "Process" aspect of EOS and looking for any RBAC (Role-based access control) templates your orgs use to ensure security for internal users. I'd love to see what you all have that's been effective! Thank you!!!!

Sign Up Now to join the conversation!

Christine Watts
Head of Client Success & Product at Ninety.io

@Jenny Leman27 Not sure I have the perfect answer (since its not a pretty RBAC chart), but I am the admin in most of our tech systems and heading out on maternity leave this winter so recently went through a similar exercise of documenting access control. 

We use Ninety for process documentation (obviously :) ) and have a Core Process for "Administration". Under that, I created a Sub-Process for "Technology Admins". There I listed all the tools we use, semi-grouping them by department, but there is some overlap.

This lets anyone know who to reach out to if they feel they need access to a system. Helps because you can probably create a set of rules, but I am sure there will be exceptions, so I liked the idea of having all of our resources and who to go to in one place. 

Beyond that, we have each department own the roles that are given access to certain technology. So if you have a hiring process built out, you can include that as a part of the process. There you can document, if X role is hired, give them Y permission. (Works well for positions you will continually hire). You can continue to document for positions that can be in any department, like anyone that manages people, a Leadership Team Member, anyone that is an Admin Assistant, etc.

Happy to show you what we have if you are interested. 

Following!  Been wanting to see the same thing...  thanks for asking!