Editing the Global security policy

If you can implement the security strategy for your organization with one security policy, use the Global security policy as your single policy. In most cases, you leave the default permissions set as they are for the Plan Administrator and Plan User system roles and add new security roles to implement your security goals.

1.	Select Settings > Marketing Operations Settings > Security Policy Settings > Global.

2.	Add the new security roles as follows:

a.	Click Add Another Role.

b.	Enter a name and description for the role.

c.	Repeat these steps for each role you need to add.

3.	Click Save and Edit Permissions. The Permissions page for the plan object type appears.

4.	Starting with the plan object type, configure each security role’s permission settings appropriately for each object type listed in the Access to field.

Tip: Use click + shift to select multiple cells.

5.	For projects, do the following:

a.	Configure the Add Projects and View Project in the List permissions for each object and security role.

b.	Select a template. The security policy now displays columns for the project roles that are listed in the Team Members section of the Project Roles tab of this template and displays access control sections for each of the template's tabs.

c.	Configure permissions for each tab in the template, including the custom tabs, for the project, object, and security roles.

d.	Repeat steps b) and c) for each project template.

6.	For requests, do the following:

a.	Configure the Add Requests and View Requests in the List permissions for each object and security role.

b.	Select a project template. The security policy now displays columns for the project roles that are listed in the Project Request Recipient section of the Project Roles tab of this template and displays access control sections for each of the template's tabs.

c.

Configure permissions for each tab in the template, including the custom tabs, for the project, object, and security roles. Remember that when configuring requests, the permissions you set for at least one of the recipient project roles should match those that you set for the Request Recipient object role.

d.	Repeat steps b) and c) for each project template for which you want to configure custom permissions for requests.

7.	For marketing objects, be sure to configure permissions appropriately for each template.

8.	Click Save Changes when you are finished.