Environment: Each of our custom FileNet Document Classes has 5 sets of groups assigned to the Security and Default Instance Security. They consist of:
+ Admins – have Full Control
+ Change Security – Has the ability to change Security applied to a document, but cannot add, modify or view documents/content.
+ Read – Can read Properties, security and View Content
+ Add – Same as read, but can Create Instance and modify Properties.
+ Del – Same as Add, but can also delete created documents
Question #1: On the RecordsElectronic Record – how does the Security and Default Instance Security need to be configured? Should Security match, mirror or be different from that assigned to the ROS DocClasses?
Question #2: Do the four IER roles need to be assigned to the Security or Default Security of the Electronic Records? If “Yes”, which permissions does each Role need to have?
Question #3: Are the four IER Roles only used for IER Desktop permissions (as opposed to accessing the records, dispositions, triggers (etc.) objects themselves?
Question #4: If a person has the ability to delete a Record, do they have to have the ability to delete the corresponding document as well? (Note: We plan to disable “Security Proxy”.)