Given the sensitivity and confidentiality of the information within the Operational Resilience module, access to the action menu for entities within the module is currently restricted. Only users who are module Administrators or Owners of the entities will have comprehensive access. This ensures the security and integrity of critical data.
Set up Operational Resilience Administrator role
Only personnel with full system Administrator rights can view or access the Maintenance menu and the Security Centre.To assign a user as Operational Resilience Administrator, please set up the role in Drova GRC system following the steps below:
Navigate to the Maintenance area along the top ribbon menu.
Select the Security Centre option in the Maintenance menu.
Select the Positions tab and search for the position or name of the user you want to grant Administrator permission to.
Select the first icon (show Security Group membership) in the action menu on the left of that position column to see the list of Security Group that person currently has.
Select the checkbox next to Administrators - OpRes security group and click on the Save button on the left.
Security permissions for different roles in the module
Please refer to the following table on what action an Administrator and a Non-admin user can perform in the module:
Important Business Service (IBS), Critical Process (CP) and Resources
Permission | Administrator | Non-admin user | Note |
Create IBS | ✅ | ❌ | |
Delete IBS | ✅ | ❌ | Members of IBS Security Group with Edit rights also have the permission |
Edit IBS | ✅ | ❌ | Members of IBS Security Group with Edit rights also have the permission |
View IBS | ✅ | ✅ | |
Create CP | ✅ | ❌ | Members of IBS Security Group with Edit rights also have the permission |
Delete CP | ✅ | ❌ | Members of IBS Security Group with Edit rights also have the permission |
Edit CP | ✅ | ❌ | Members of IBS Security Group with Edit rights also have the permission |
View CP | ✅ | ✅ | |
Create Resource | ✅ | ❌ | |
Delete Resource | ✅ | ❌ | |
Edit Resource | ✅ | ❌ | |
View Resource | ✅ | ✅ |
Scenario Testing
Permission | Administrator | Non-admin user | Note |
Create Test Plan | ✅ | ❌ | |
Delete Test Plan | ✅ | ❌ | Test Plan Owner also has permission for their specific Test Plan |
Edit Test Plan | ✅ | ❌ | Test Plan Owner also has permission for their specific Test Plan |
View Test Plan | ✅ | ✅ | Test Plan Owner also has permission for their specific Test Plan |
Run Test (Creating a test) | ✅ | ❌ | |
Edit Test | ✅ | ❌ | Test Plan/Test Owner also has the permission for their Tests/ Tests belong to their specific Test Plan |
Delete Test | ✅ | ❌ | Test Plan/Test Owner also has the permission for their Tests/ Tests belong to their specific Test Plan |
View Test | ✅ | ✅ | |
Create Task in a Test Plan | ✅ | ❌ | Test Plan Owner also has permission for their specific Test Plan |
Delete Task in a Test Plan | ✅ | ❌ | Test Plan Owner also has permission for their specific Test Plan |
Edit Task in a Test Plan | ✅ | ❌ | Test Plan Owner also has permission for their specific Test Plan |
Create Task in a Test | ✅ | ❌ | Test Owner also has the permission for their specific Test |
Delete Task in a Test | ✅ | ❌ | Test Plan Owner, Test Owner and Task Assignee also have permission |
Edit Task in a Test | ✅ | ❌ | Test Plan Owner, Test Owner and Task Assignee also have permission |
View Task (both in Test Plans and Tests) | ✅ | ✅ |