System Security

Audit

Overview

To help maintain control over your organization’s daily operations, the FreeBalance Accountability Platform provides a powerful audit trail function that retains a complete record of all system operations.

In these features, users can search audit entries using several filter criteria for any Platform module. Filter criteria includes the following: Username, Audit Timestamp, Entity Name, Id Field, and Domain Event Type (insert, update, delete).
 
Also, users can configure some audit settings such as:
  • Enable or disable audited entities
  • Edit information about some entity fields for audit purposes

Audit Settings

Overview

Audit Settings is used to include or exclude a particular entity from the audit system, as well as to indicate which descriptive property of the entity should be shown in the Audit Entry form.

The form presents a list of all entities that were defined as auditable. After selecting one of the entities in the list, the user will be presented with a dialog box from where he/she can configure the above mentioned audit attributes for the entity. The discard button can be used to delete the changes made while the update button must be used to store any changes made. The buttons at the bottom of the main form are used enable or disable all entities irrespectively of their individual settings.

 

Navigation

Audit ► System Security ► Audit ► Audit Settings

By default, a list of auditing entities appears. Click over the entity want to set up.

 

Procedure
 
User: Admin
 

  1. System Administrator or Administrator of the institution has logged in to the system

  2. Audit Entries provides audit trail and records changes made to the instances of audit entities as part of transactions.

  3. System by default identifies critical entities as audit entities and records all changes made to instances of these entities

  4. System also allows users to define non-critical entities as audit entities through Audit settings where audit trail is also maintained on these entities.

  5. From the Audit Setting the administrator  can enable or disable audit trail for an entity.

Change Password

Overview

Users will be required to change their password upon initial login anytime thereafter. The FreeBalance Accountability Platform will ensure that the password users enter is of appropriate length and complexity to provide maximum security prior to the password change.
There are several other security features incorporated into the password changing process. For example, a given number of users previous passwords will be retained, and these passwords cannot be used again while they are still retained by the system. The new password will not be accepted if it is the same as the user ID or old password.

 

Navigation

Admin ► System Security ► Users ► Change Password

 

Change Password screen Field

Field

Description

Current Password

The current password of the user.

New Password

The new password which users want to create.

New Password Confirmation

Confirmation of the new password.

 

 

Security

Security Group

Overview

The purpose of a Security Group is to restrict the content that users can see throughout the application. For example, if a security group is created that specifies that a particular user will be able to see all information for Institution 001, then that user will only be able to view the information in Institution 001. Conversely, a Security Group may be created to specify that selected users can not access a selected dimension.
A security group is composed of Security Group Restriction(s) and Users assigned to it. Users may be indirectly assigned to a Security Group via their User Role, or directly related to the Security Group.
Only a ‘Super User’ or ‘Administrator User’ can create Security Groups.

 

Navigation

Admin ► System Security ► Security ► Security Group

 

Security Group screen Fields and Tabs

Field

Description

Code

Unique identification code manually entered by users or automatically generated based on parameters.

Language

The language used to register the description.

Description

Short description of the Security Group.

Security Group Restriction Tab

The Security Group Restriction Tab is used to include restriction information for the security group.

User Security Group Tab

The respective user for whom the security group is defined, is mentioned by this tab. This selected from the lookup button.

 

Procedure

User: Admin

 

  1. System Administrator or Administrator of the institution has logged in to the system. 

  2. Administrator goes to Security Group option

  3. The system administrator choose to create user group in the security module.  

  4. The system will display the form and the administrator will create a User Group for each role in the system.

  5. User fills out the Document Type information form presented by the system.

  6. User clicks ‘Save’ button to save the  information.

  7. The system will save the information and refresh the value in the list of User Group.

 
 
Procedure

Security Question

Overview

This entity decides differnt kind of security questions that an administrators decides as option in case of emergency for the users.

 

Navigation

Admin ► System Security ► Security ► Security Question

 

Security Group screen Fields and Tabs

Field

Description

Code

Unique identification code manually entered by users or automatically generated based on parameters.

Language

The language used to register the description.

Description

Short description of the Security Group.

Active

A checkbox with default value 'True'.Possible values True/False

Procedure

User: Admin

 

  1. System Administrator or Administrator of the institution has logged in to the system. 

  2. Administrator goes to Security Question option

  3. The system administrator choose to create Security Question in the security module.  

  4. The system will display the form and the administrator will create a Security Question for a particular user

  5. User clicks ‘Save’ button to save the  information.