Creating new security policies

If you must use more than one security policy to implement the security setup for your organization, leave the Global policy in its default state and complete the following steps.

1.	Select Administration > Security Policy Settings > Add a Security Policy.

2.	In the Policy Properties page, enter a name and description for the policy. The name must be unique.

3.	In the Roles section, enter the names and descriptions for the first two security roles planned for this policy. If you need more than two security roles, click Add Another Role.

4.	Click Save and Edit Permissions.

5.	Starting with the plan object type, configure each security role’s permission settings appropriately for each object type listed in the Access to field.

Tip: Use click + shift to select multiple cells.

6.	For projects, do the following:

a.	Configure the Add Projects and View Project in the List permissions for each object and security role.

b.	Select a template. The security policy now displays columns for the project roles that are listed in the Team Members section of the Project Roles tab of this template and displays access control sections for each of the template's tabs.

c.	Configure permissions for each tab in the template, including the custom tabs, for the project, object, and security roles.

d.	Repeat steps b) and c) for each project template.

7.	For requests, do the following:

a.	Configure the Add Requests and View Requests in the List permissions for each object and security role.

b.	Select a project template. The security policy now displays columns for the project roles that are listed in the Project Request Recipient section of the Project Roles tab of this template and displays access control sections for each of the template's tabs.

c.	Configure permissions for each tab in the template, including the custom tabs, for the project, object, and security roles.

d.	Repeat steps b) and c) for each project template for which you want to configure custom permissions for requests.

8.	For marketing objects, be sure to configure permissions appropriately for each template.

9.	Click Save Changes when you finish setting all the permissions.

To disable the security policy at any time, click Disable. Disabling a security policy means that users cannot select it in any subsequent projects, requests, or approvals that users create and you can no longer assign users to the security policy.