# Configuring Auditor Profiles & Qualifications (HSE, QMS)
QualityOne Vaults
enable you to simplify the process of identifying which personnel are authorized to perform specific roles on an audit
. Users can capture key demographic information about auditors, manage the qualifications required for an auditor to perform any given role on various types of audits, and ensure that only qualified auditors can be assigned to team roles on an audit.
## About Auditor Profiles & Qualifications {#about}
_Auditor Profiles_ capture demographic information about specific auditors in your organization. You can associate _Auditor Profiles_ to _Auditor Roles_ that define the various roles auditors may perform during different types of audits. Specify _Qualification to Complete_ and _Role Qualification Criteria Status_ to define the criteria that an auditor must meet in order to perform the tasks assigned to a specific _Auditor Role_. All of these are tied together by sections on an _Auditor Profile_ record's detail page that display an auditor's current and in-progress qualifications and audit history.
You can automate the creation of _User Role Setup_ records to automatically grant auditors rights to content across Vault once they qualify for certain roles by way of Matching Sharing Rules
.
As a result of fully utilizing this process:
* When populating an Audit Team, only authorized and qualified individuals are available for selection within each team role.
* Users can track the progress of any given auditor toward requisite qualifications in their _Auditor Profile_.
## Configuration Overview {#configuration}
Configuring your Vault to use Auditor Profile & Qualification Management involves the following steps:
1. [Configure matching fields][1]
2. [Configure a Vault job][2] for re-qualification status state change
3. [Configure the _Create User Role Setup_ action][3]
4. [Configure the _Remove User Role Setup_ action][4]
Note: Depending on your Vault’s creation date and which features are currently enabled and configured, some of the steps described in this article may be unavailable or already complete in your Vault.
## Configuring Matching Fields {#matching-fields}
To take full advantage of the Auditor Profile's security provisioning automation, you will need to be familiar with Matching Sharing Rules
, and your organization's security configuration. Configure the appropriate _Auditor Roles_ needed to support your organization, including matching fields
necessary for automatically creating appropriate _User Role Setup_ records, and the qualifications necessary to satisfy the roles.
## Configuring Vault Job {#vault-job}
Configure a Vault job
to handle the necessary state change on _Role Qualification Status_ records representing when re-qualification may be necessary.
## Configuring the Create User Role Setup Action {#create-user-role}
The _Create User Role Setup_ action populates a _User Role Setup_ record with the user, application role, and other fields used for dynamic access control
.
We recommend configuring an entry action to automate the creation of _User Role Setup_ records as users update _Role Qualification Status_ records. To configure the _Create User Role Setup_ action, assign
it to the _Role Qualification Status_ object, then do the following to add it as a user and entry action
to the _Role Qualification Status_ lifecycle:
1. Navigate to the required _Role Qualification Status_ object lifecycle state.
2. Under _User Actions_ or _Entry Actions_, click **Edit**.
3. Click **Create Rule** or **Create Entry Action**.
4. Select the **Create User Role Setup** action from the drop-down menu.
5. Select the **User Role Setup Object Reference Field**.
6. Select the **Matching Fields**.
7. Enter an **Action Label**.
8. Click **Save**.
When configuring the action, select the appropriate **User Role Setup Object** associated with the _Audit_ object. Each of the **Matching Fields** in the action's configuration is mapped to the corresponding fields in the _User Role Setup_ object when Vault creates the _User Role Setup_ record when users run the action.
We recommend you automate the removal of the access and permissions granted from this action by [configuring the _Remove User Role Setup_ action][4].
## Configuring the Remove User Role Setup Action {#remove-user-role}
The _Remove User Role Setup_ action deletes a _User Role Setup_ record according to the _Auditor Role Qualification Status_, and prevents users from assigning the associated auditor to new audit roles until the auditor requalifies for the _Audit Role_. Access removal only applies to new _Audits_ and does not impact any in-progress or already-assigned _Audits_.
We recommend configuring both types of actions, allowing for automated lapses in _Role Qualification Statuses_ to result in loss of access, as well as allowing Business Admins or managers to revoke access manually when appropriate.
To add the _Remove User Role Setup_ action to the _Role Qualification Status_ object lifecycle as a user action and an entry action
, assign it to the _Role Qualification Status_ object then do the following:
1. Navigate to the required _Role Qualification Status_ object lifecycle state.
2. Under _User Actions_ or _Entry Actions_, click **Edit**.
3. Click **Create Entry Action**.
4. Select the **Remove User Role Setup** action from the drop-down menu.
5. Enter an **Action Label**.
6. Click **Save**.
When configuring the action, select the appropriate **User Role Setup Object** associated with the _Audit_ object. This should be the same object you specified when configuring the [Create User Role Setup action][3].
[1]: #matching-fields
[2]: #vault-job
[3]: #create-user-role
[4]: #remove-user-role