Maintaining roles

Once you establish a role framework for your company, maintaining the system primarily involves assigning roles to--and revoking roles from--users. However, creating and modifying roles still plays an important part. Here are some suggestions for maintaining roles through time:

Establish policies about editing, activating and deactivating roles. For instance, your company may want to define exactly what job titles should have access to manage roles, or have a sign-off authorization procedure for editing roles.
Establish a regular interval of time at which you review the permissions assigned to each role, and audit users for role assignments.
It is important to accurately name and describe the role in the Role and Description fields. If you add permissions to--or delete permissions from--a role, review the Role name and Description fields to ensure they are still valid.
Keep a secure, printed-out table of of your current roles and what permissions are assigned to them.
Manually assign privileges associated with new releases of SmartTurn to roles only after reviewing the current roles matrix.
When SmartTurn releases new features that indicate new permissions for users, the new permissions appear automatically within the corresponding role permissions tabs. All newly released permissions default to unchecked, meaning not assigned. You can control access to newly released permissions by adding them selectively to roles at the time of the release. SmartTurn will provide the specifics in Release Notes.
You can also refer to some general tips for setting up roles and maintaining users in SmartTurn.