Projects are made up of a security level, and security levels are made up of one or more security requirements. To truly understand projects, let us start with security requirements.
Security requirements are the bread and butter of the projects feature. A requirement is just something that a user can be certified for, such as U.S. Citizenship or ITAR Training. Certifying a user for one of these requirements in the system really just means an admin checking a box to say "yes, user X satisfies requirement Y".
Requirements do have additional properties beyond a name and description. A requirement may specify a max lifespan for certifications. For example, the ITAR Training requirement may only allow for users to be certified for up to a year at a time, meaning each user will have to be re-certified annually (at the minimum, certifications can be updated at any frequency). Additionally, some requirements may not require an expiration for certifications. For example, certifications for US Citizenship may be created with no expiration, meaning the user never has to be re-certified.
A security requirement is an individual requirement such as having a non-expired license. Users in the system obtain their security requirements from admins. Please understand that tiCrypt is not responsible for checking that Joe Smith has a non-expired license. Requirements are tools that are used within the system to help keep track.
A user can create a security requirement as seen below. The requirement can have an expiration as something such as a license does expire.
There are a variety of actions for a security requirement that populate on the left side by selecting on the requirement.
|Certify a user||Grant users the certification for this security requirement.|
|Edit||Edit the basic info of a security requirement.|
|Delete||Delete a security requirement.|
To grant someone a certification for a security requirement, select All User Certifications under the Project portion of the management tab and select the checkbox or checkboxes of the requirement. Apply it to as many users as necessary.