Effective governance, whether at a public or private level, is increasingly focused on data security and privacy.
Trisk was originally developed to automate the information collection process in the preparation of multi-national corporate income tax returns. Lots of confidential information. Lots of eyeballs. Today, as Trisk expands beyond tax compliance to other information intensive applications, access to tasks, information, and data, are increasingly important.
The access management architecture within Trisk is best viewed as a matrix with three dimensions of control:
Roles – Each user is assigned a Role. Each Role is assigned permissions to perform actions within Trisk.
Workflows (an integrated series of tasks) – Performance of each task within a workflow is assigned to a Role.
Personas – View access to tasks and storage.
There are three levels of users within Trisk:
Tenant – The licensee of Trisk.
Client – Typically, the client or customer of the Tenant.
Member – A subgroup or lower-tier classification of the Client.
The Tenant creates Roles and establishes permissions for each individual Role. This includes individual user Roles for the Tenant, Clients, and Members. These system-wide permissions include such actions as the ability to create forms and workflows and the ability to create Clients and users. This is where Tenants customize their Trisk application to create a Role for each level of user within their company or their client base. Trisk limits available custom permissions for Client and Member users.
Assignments and rights granted within individual workflows provide or restrict access to information “in flight.” That is to say, access to individual tasks within Workflows are assigned to Roles. The Workflow designer selects from a list of Roles when adding a task to a Workflow and indicates to which Role the task is assigned. If desired, the designer can also select additional Roles to read, write or submit a designated task.
Personas control access by Tenant users to Clients and/or Members. Think of this as the service team. If you have a team of three people servicing a client, each team member must be assigned a Persona for the client.
Dashboard – Only Tenant users assigned a Persona for a Client will be able to access the Client activity through “My Clients” on their dashboard menu. The Tenant user with the assigned Persona will be able to view all activity for the Client. (Note, however, that the Workflow assignments and rights control actions this user can take on a task-by-task basis.)
Garage access – Only Tenant users assigned a Persona have access to files saved in the Client’s Trisk Garage. This is access to files “at rest”.
If this sounds complex, that’s because it is. It’s granular on purpose. But it’s also simple. A three-pronged set-up process to ensure that your clients’ information is private. The best part is that once the set-up is complete, without any awareness or effort on the part of any user, they see what you want them to see. That’s it. Set it and forget it.
Trisk recognizes your commitment to your Client to keep their information private. It’s absolute. Trisk has done the heavy lifting by integrating strict access and data controls into it’s easy-to-use no-code platform.
