To move non-stakeholders in the workflow to the next stage:
- Create/modify a policy workflow such that step 1 has ownership type of 'author' and step 2 has the ownership of 'reviewer' (ownership type can be any value.)
- Create a policy
- Create Role Permissions, provide the user the following permissions
- all assessment except for manage
- all policy except for manage
- all program except for manage
- all questionnaire
- all workflow
- Create two users 'usera' and 'userr' and assign to 'permissions' role
- Add policy ownership types, as users
- Author as 'usera'
- Reviewer as 'userr'
- Login as 'usera'
- Open assessment work flow created in step 2 and click workflow checkbox
- Click through the workflow
Expected: 'usera' should be able to proceed the stage 1 of the workflow but not stage 2.
Actual: 'usera' can proceed through all stages of the workflow.
Resolution: Most likely due to the permissions, users with ‘Manage’ type permissions will often have high level abilities in RiskVision. Remove the Control – Manage permission from this user and all other non-essential ‘Manage’ type permission. This should resolve the issue. File a case with the Product Support team if it does not.