Go to full article

Overview

Emersion Software Services is conscious of its responsibility to treats support requests pertaining to a user's security access levels in Cumulus with due care.

The aim of this policy is to:

  • explain how requests pertaining to security access control must be submitted to the Emersion support team in order to be valid
  • explain how Emersion Support responds to these types of issues and queries.
  • provide an escalation path for these types of requests.

Due to the sensitive nature of security and access controls, only valid requests will be acted upon.

Scope

Included in scope of this policy are requests to add, change or modify a staff user's level of access including:

  • module permissions
  • powers
  • org unit
  • roles
    • which role groups are attached to the user's assigned Org Unit.
    • which powers are enabled for any roles the user has been granted
  • credit access levels
  • Package groups and package catalogue roles that limit package plan access to a staff user based on role.

Document Information

Document Owner

Sharon Carpenter - Business Operations Manager

Last updated

 

Definitions

TermDefinitions
Emersion AdministratorA staff user who has a login to the service provider's Cumulus instance and has Admin Full Powers access..
Access controlsThis is used as an umbrella term to describe any mechanism that increases or reduces a user's access to functions, features, modules, screens, tabs and fields.
service providerA company that subscribes to, or uses, Emersion's platform directly or indirectly.


Valid Requests

A valid request meets ALL of the following criteria. The request:

  • is raised to Emersion support (via the SR) board in a ticket.
  • is from a requester who has a staff user who belongs to the company.
  • is from a staff user who is an Emersion Administrator.

Requests Made Via Phone

No access control requests are to be processed over the phone.  If the customer calls the Emersion Support Help Desk regarding an access control issue, support staff will:

  1. create a new SR ticket on the customer's behalf
  2. summarise the request in detail (within the ticket description)
  3. include a reference to our policy document on the EKB.
  4. request the Emersion Administrator for their confirmation that the information captured in the ticket is accurate and that authorisation to proceed with any changes is granted.
  5. authorisation MUST be obtained in writing in the ticket.


Responses

When responding to these requests, Emersion Support staff will ensure the request is valid during the triage process and will take one of two actions as set out below.

If Requester is not an Emersion Administrator

Emersion Support will:

Add the Emersion Administrators as internal participants on the SR ticket.

Direct the user to their Emersion Administrator for assistance.

If Requester is an Emersion Administrator

Emersion Support will act on the ticket, ensuring that information about the work we do is not ambiguous in any way and that any changes we make on the service provider's behalf are explicitly authorised.

The support team have no authorisation to provide additional support regarding these requests. 


Ticket Escalations

If you feel that our assessment is incorrect or we have not properly taken something into consideration, use our ticket escalation process.


Related Pages