Configuring Auditor Profiles & Qualifications (HSE, QMS)

QualityOne Vaults enable you to simplify the process of identifying which personnel are authorized to perform specific roles on an audit. Auditor Profile & Qualification Management lets you capture key demographic information about Auditors, track and manage auditor qualifications and roles, ensure that only qualified Auditors are assigned to auditor roles, and automatically assign Auditors to team roles in an audit once they qualify.

About Auditor Profiles & Qualifications

Auditor Profiles capture demographic information about specific Auditors in your organization. You can associate Auditor Profiles to Auditor Roles that define the various roles Auditors may perform during different types of audits. Specify Qualification to Complete and Role Qualification Criteria Status to define the criteria that an Auditor must meet in order to perform the tasks assigned to a specific Auditor Role. All of these are tied together by sections on an Auditor Profile record’s detail page that display an auditor’s current and in-progress qualifications and audit history.

You can automate the creation of User Role Setup records to automatically grant Auditors rights to content across Vault once they qualify for certain roles by way of Matching Sharing Rules.

As a result of fully utilizing this process:

  • When populating an Audit Team, only authorized and qualified individuals are available for selection within each team role.
  • Users can track the progress of any given auditor toward requisite qualifications in their Auditor Profile.

Auditor Profile & Qualification Management Objects

QMS and HSE use the following core objects to support Auditor Profile & Qualification Management:

  • Auditor Profile (auditor_profile__v): This object represents an individual Auditor.
  • Auditor Role (auditor_role__v): This object represents a role performed by an Auditor in an audit.
  • Auditor Role Qualification Criteria (auditor_role_qualification_criteria__v): This object joins the Auditor Role and Role Qualification Criteria objects.
  • Qualification to Complete (qualification_to_complete__v): This object represents the required qualification criteria an Auditor must complete.
  • Role Qualification Criteria (role_qualification_criteria__v): This object represents the criteria required to qualify for a role in an audit.
  • Role Qualification Criteria Status (role_qualification_criteria_status__v): This object represents the completion status of the Role Qualification Criteria.
  • Role Qualification Status (role_qualification_status__v): This object represents an Auditor’s role qualification status.

Configuration Overview

Configuring your Vault to use Auditor Profile & Qualification Management involves the following steps:

  1. Configure matching fields
  2. Configure a Vault job for re-qualification status state change
  3. Configure the Create User Role Setup action
  4. Configure the Remove User Role Setup action

Configuring Matching Fields

To take full advantage of the Auditor Profile’s security provisioning automation, you will need to be familiar with Matching Sharing Rules, and your organization’s security configuration. Configure the appropriate Auditor Roles needed to support your organization, including matching fields necessary for automatically creating appropriate User Role Setup records, and the qualifications necessary to satisfy the roles.

Configuring Vault Job

Configure a Vault job to handle the necessary state change on Role Qualification Status records representing when re-qualification.

Configuring the Create User Role Setup Action

The Create User Role Setup action populates a User Role Setup record with the user, application role, and other fields used for dynamic access control.

We recommend configuring an entry action to automate the creation of User Role Setup records as users update Role Qualification Status records. To configure the Create User Role Setup action, assign it to the Role Qualification Status object, then do the following to add it as a user and entry action to the Role Qualification Status lifecycle:

  1. Navigate to the required Role Qualification Status object lifecycle state.
  2. Under User Actions or Entry Actions, click Edit.
  3. Click Create Rule or Create Entry Action.
  4. Select the Create User Role Setup action from the drop-down menu.
  5. Select the User Role Setup Object Reference Field.
  6. Select the Matching Fields.
  7. Enter an Action Label.
  8. Click Save.

When configuring the action, select the appropriate User Role Setup Object associated with the Audit object. Each of the Matching Fields in the action’s configuration is mapped to the corresponding fields in the User Role Setup object when Vault creates the User Role Setup record when users run the action.

We recommend you automate the removal of the access and permissions granted from this action by configuring the Remove User Role Setup action.

Configuring the Remove User Role Setup Action

The Remove User Role Setup action deletes a User Role Setup record according to the Auditor Role Qualification Status, and prevents users from assigning the associated Auditor to new audit roles until the Auditor requalifies for the Audit Role. Access removal only applies to new Audits and does not impact any in-progress or already-assigned Audits.

We recommend configuring both types of actions, allowing for automated lapses in Role Qualification Statuses to result in loss of access, as well as allowing Business Admins or managers to revoke access manually when appropriate.

To add the Remove User Role Setup action to the Role Qualification Status object lifecycle as a user action and an entry action, assign it to the Role Qualification Status object then do the following:

  1. Navigate to the required Role Qualification Status object lifecycle state.
  2. Under User Actions or Entry Actions, click Edit.
  3. Click Create Entry Action.
  4. Select the Remove User Role Setup action from the drop-down menu.
  5. Enter an Action Label.
  6. Click Save.

When configuring the action, select the appropriate User Role Setup Object associated with the Audit object. This should be the same object you specified when configuring the Create User Role Setup action.