Adding HR Department to ITSM Application using Multi-tenancy
ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due to sensitivity issues. I've been looking at setting up HR as their own company but then run into the issue of people records. The people records are for all company employees and they would use, and be used by both IT and HR. I'm not sure how to go about segregating the tickets between the two (IT & HR) so that IT personnel cannot see the HR tickets or how to handle the people records. Do I need to create a separate company or separate business units? Can anyone share his or her experience and advice on how to go about this? Any advice is appreciated. Thanks, Lynn P.S. I have the multi-tenancy document and have been through it but I'm still not sure which is the best route to go. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Adding HR Department to ITSM Application using Multi-tenancy
You can setup: Company 1 - Allpeople Company 2 - IT Support Company 3 - HR Then setup company 2 & 3 to support company 1. This will give company 2 & 3 access to company 1. The problem will come with the data segregation part. On your Incident form field 6969 and 112 will setup your permissions for the record. These fields are set by workflow for the customer company, support group, and vendor group. Unrestricted Access is also added into there. You also have assignee and submitter permissions. If you have everyone under Company 1 then anyone that supports that company will see all the tickets, which is not your desired result. You have a couple options. You can replicate the people data across multiple companies, which is probably not ideal or you can setup a filter to lock down field 6969 and 112 on submit. Also you may have sensitive people data that HR needs to see but IT doesn't, so keep in mind that there are going to be additional lock downs on the people form. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynna To: arslist@ARSLIST.ORG Subject: Adding HR Department to ITSM Application using Multi-tenancy ** ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due to sensitivity issues. I've been looking at setting up HR as their own company but then run into the issue of people records. The people records are for all company employees and they would use, and be used by both IT and HR. I'm not sure how to go about segregating the tickets between the two (IT & HR) so that IT personnel cannot see the HR tickets or how to handle the people records. Do I need to create a separate company or separate business units? Can anyone share his or her experience and advice on how to go about this? Any advice is appreciated. Thanks, Lynn P.S. I have the multi-tenancy document and have been through it but I'm still not sure which is the best route to go. _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Adding HR Department to ITSM Application using Multi-tenancy
Thanks for the input Brian. I appreciate it. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Brian Pancia Sent: Tuesday, May 15, 2012 10:44 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** You can setup: Company 1 - Allpeople Company 2 - IT Support Company 3 - HR Then setup company 2 & 3 to support company 1. This will give company 2 & 3 access to company 1. The problem will come with the data segregation part. On your Incident form field 6969 and 112 will setup your permissions for the record. These fields are set by workflow for the customer company, support group, and vendor group. Unrestricted Access is also added into there. You also have assignee and submitter permissions. If you have everyone under Company 1 then anyone that supports that company will see all the tickets, which is not your desired result. You have a couple options. You can replicate the people data across multiple companies, which is probably not ideal or you can setup a filter to lock down field 6969 and 112 on submit. Also you may have sensitive people data that HR needs to see but IT doesn't, so keep in mind that there are going to be additional lock downs on the people form. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynna To: arslist@ARSLIST.ORG Subject: Adding HR Department to ITSM Application using Multi-tenancy ** ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due to sensitivity issues. I've been looking at setting up HR as their own company but then run into the issue of people records. The people records are for all company employees and they would use, and be used by both IT and HR. I'm not sure how to go about segregating the tickets between the two (IT & HR) so that IT personnel cannot see the HR tickets or how to handle the people records. Do I need to create a separate company or separate business units? Can anyone share his or her experience and advice on how to go about this? Any advice is appreciated. Thanks, Lynn P.S. I have the multi-tenancy document and have been through it but I'm still not sure which is the best route to go. _attend WWRUG12 www.wwrug.com<http://www.wwrug.com> ARSlist: "Where the Answers Are"_ _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Adding HR Department to ITSM Application using Multi-tenancy
Similiar to what Brian mentions below, I think you have no other option than writing your own filter to overwrite the "row level access" fields during certain key incident events. However, you will also have to determine the business rules as to when you want to overwrite the access, and when you want to restore it. For example, (a) When HR people submit incidents, do you want all incidents to be restricted to HR for the entire incident lifecycle? (b) When other people submit incidents and they get assigned to HR, will this incident then only be viewable by HR? What about the incident owner? Will they still be able to view the incident? (c) Will HR ever assign the incident back to the owner or other groups during the incident lifecycle (ex. incorrectly assigned, minor work)? If so, you will have to restore the original incident permissions and invoke workflow to ensure that this is reset. If reset , how do you handle viewing any information by other groups that may have been entered by HR? This will have to be addressed. (d) Notifications during the incident lifecycle. Ensure that any notifications that might be sent to the customer, contact, or owner group that will prompt them to view the incident (in ITSM) will not be restricted by the permissions of the incident at that time. (e) Will there be similiar restrictions on any related Problems, Known Errors, Changes, etc. that might be related to this incident? (not sure of your scope) So, while technically possible (the beauty of Remedy!) , the above questions will also have to be addressed. Terry _ From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Brian Pancia Sent: Tuesday, May 15, 2012 10:44 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** You can setup: Company 1 - Allpeople Company 2 - IT Support Company 3 - HR Then setup company 2 & 3 to support company 1. This will give company 2 & 3 access to company 1. The problem will come with the data segregation part. On your Incident form field 6969 and 112 will setup your permissions for the record. These fields are set by workflow for the customer company, support group, and vendor group. Unrestricted Access is also added into there. You also have assignee and submitter permissions. If you have everyone under Company 1 then anyone that supports that company will see all the tickets, which is not your desired result. You have a couple options. You can replicate the people data across multiple companies, which is probably not ideal or you can setup a filter to lock down field 6969 and 112 on submit. Also you may have sensitive people data that HR needs to see but IT doesn't, so keep in mind that there are going to be additional lock downs on the people form. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynna To: arslist@ARSLIST.ORG Subject: Adding HR Department to ITSM Application using Multi-tenancy ** ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due to sensitivity issues. I've been looking at setting up HR as their own company but then run into the issue of people records. The people records are for all company employees and they would use, and be used by both IT and HR. I'm not sure how to go about segregating the tickets between the two (IT & HR) so that IT personnel cannot see the HR tickets or how to handle the people records. Do I need to create a separate company or separate business units? Can anyone share his or her experience and advice on how to go about this? Any advice is appreciated. Thanks, Lynn P.S. I have the multi-tenancy document and have been through it but I'm still not sure which is the best route to go. _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Adding HR Department to ITSM Application using Multi-tenancy
Hi Terry & Brian, Can you tell me what field 6969 is? I've looked in the docs and cannot find anything. I know field 112 is assignee group but what is 6969? Thanks, Lynn From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Terry Bootsma Sent: Wednesday, May 16, 2012 4:42 PM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** Similiar to what Brian mentions below, I think you have no other option than writing your own filter to overwrite the "row level access" fields during certain key incident events. However, you will also have to determine the business rules as to when you want to overwrite the access, and when you want to restore it. For example, (a) When HR people submit incidents, do you want all incidents to be restricted to HR for the entire incident lifecycle? (b) When other people submit incidents and they get assigned to HR, will this incident then only be viewable by HR? What about the incident owner? Will they still be able to view the incident? (c) Will HR ever assign the incident back to the owner or other groups during the incident lifecycle (ex. incorrectly assigned, minor work)? If so, you will have to restore the original incident permissions and invoke workflow to ensure that this is reset. If reset , how do you handle viewing any information by other groups that may have been entered by HR? This will have to be addressed. (d) Notifications during the incident lifecycle. Ensure that any notifications that might be sent to the customer, contact, or owner group that will prompt them to view the incident (in ITSM) will not be restricted by the permissions of the incident at that time. (e) Will there be similiar restrictions on any related Problems, Known Errors, Changes, etc. that might be related to this incident? (not sure of your scope) So, while technically possible (the beauty of Remedy!) , the above questions will also have to be addressed. Terry From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Brian Pancia Sent: Tuesday, May 15, 2012 10:44 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** You can setup: Company 1 - Allpeople Company 2 - IT Support Company 3 - HR Then setup company 2 & 3 to support company 1. This will give company 2 & 3 access to company 1. The problem will come with the data segregation part. On your Incident form field 6969 and 112 will setup your permissions for the record. These fields are set by workflow for the customer company, support group, and vendor group. Unrestricted Access is also added into there. You also have assignee and submitter permissions. If you have everyone under Company 1 then anyone that supports that company will see all the tickets, which is not your desired result. You have a couple options. You can replicate the people data across multiple companies, which is probably not ideal or you can setup a filter to lock down field 6969 and 112 on submit. Also you may have sensitive people data that HR needs to see but IT doesn't, so keep in mind that there are going to be additional lock downs on the people form. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynna To: arslist@ARSLIST.ORG Subject: Adding HR Department to ITSM Application using Multi-tenancy ** ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due to sensitivity issues. I've been looking at setting up HR as their own company but then run into the issue of people records. The people records are for all company employees and they would use, and be used by both IT and HR. I'm not sure how to go about segregating the tickets between the two (IT & HR) so that IT personnel cannot see the HR tickets or how to handle the people records. Do I need to create a separate company or separate business units? Can anyone share his or her experience and advice on how to go about this? Any advice is appreciated. Thanks, Lynn P.S. I have the multi-tenancy document and have been through it but I'm still not sure which is the best route to go. _attend WWRUG12 www.wwrug.com<http://www.wwrug.com> ARSlist: "Where the Answers Are"_ _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"
Re: Adding HR Department to ITSM Application using Multi-tenancy
Sorry about that the field is Vendor Assignee Group (60900). If you look at the permissions on Incident ID it will give you all the fields that you need to look at for the lock downs. It should have something like Unrestricted Access, Assignee Group, Assignee, Submitter, Vendor Assignee Group. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynn Sent: Thursday, May 17, 2012 8:51 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** Hi Terry & Brian, Can you tell me what field 6969 is? I've looked in the docs and cannot find anything. I know field 112 is assignee group but what is 6969? Thanks, Lynn From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Terry Bootsma Sent: Wednesday, May 16, 2012 4:42 PM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** Similiar to what Brian mentions below, I think you have no other option than writing your own filter to overwrite the "row level access" fields during certain key incident events. However, you will also have to determine the business rules as to when you want to overwrite the access, and when you want to restore it. For example, (a) When HR people submit incidents, do you want all incidents to be restricted to HR for the entire incident lifecycle? (b) When other people submit incidents and they get assigned to HR, will this incident then only be viewable by HR? What about the incident owner? Will they still be able to view the incident? (c) Will HR ever assign the incident back to the owner or other groups during the incident lifecycle (ex. incorrectly assigned, minor work)? If so, you will have to restore the original incident permissions and invoke workflow to ensure that this is reset. If reset , how do you handle viewing any information by other groups that may have been entered by HR? This will have to be addressed. (d) Notifications during the incident lifecycle. Ensure that any notifications that might be sent to the customer, contact, or owner group that will prompt them to view the incident (in ITSM) will not be restricted by the permissions of the incident at that time. (e) Will there be similiar restrictions on any related Problems, Known Errors, Changes, etc. that might be related to this incident? (not sure of your scope) So, while technically possible (the beauty of Remedy!) , the above questions will also have to be addressed. Terry _ From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Brian Pancia Sent: Tuesday, May 15, 2012 10:44 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** You can setup: Company 1 - Allpeople Company 2 - IT Support Company 3 - HR Then setup company 2 & 3 to support company 1. This will give company 2 & 3 access to company 1. The problem will come with the data segregation part. On your Incident form field 6969 and 112 will setup your permissions for the record. These fields are set by workflow for the customer company, support group, and vendor group. Unrestricted Access is also added into there. You also have assignee and submitter permissions. If you have everyone under Company 1 then anyone that supports that company will see all the tickets, which is not your desired result. You have a couple options. You can replicate the people data across multiple companies, which is probably not ideal or you can setup a filter to lock down field 6969 and 112 on submit. Also you may have sensitive people data that HR needs to see but IT doesn't, so keep in mind that there are going to be additional lock downs on the people form. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynna To: arslist@ARSLIST.ORG Subject: Adding HR Department to ITSM Application using Multi-tenancy ** ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due to sensitivity issues. I've been looking at setting up HR as their own company but then run into the issue of people records. The people records are for all company employees and they would use, and be used by both IT and HR. I'm not sure how to go about segregating the tickets between the two (IT & HR) so that IT personnel cannot see the HR tickets or how to handle the people records. Do I need to create a separate company or separate business units? Can anyone share his or her experience and advice on how to
Re: Adding HR Department to ITSM Application using Multi-tenancy
Awesome! Thanks Brian and Terry. I appreciate your input and help. Lynn From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Brian Pancia Sent: Thursday, May 17, 2012 9:15 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** Sorry about that the field is Vendor Assignee Group (60900). If you look at the permissions on Incident ID it will give you all the fields that you need to look at for the lock downs. It should have something like Unrestricted Access, Assignee Group, Assignee, Submitter, Vendor Assignee Group. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Poston, Lynn Sent: Thursday, May 17, 2012 8:51 AM To: arslist@ARSLIST.ORG Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** Hi Terry & Brian, Can you tell me what field 6969 is? I've looked in the docs and cannot find anything. I know field 112 is assignee group but what is 6969? Thanks, Lynn From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG]<mailto:[mailto:arslist@ARSLIST.ORG]> On Behalf Of Terry Bootsma Sent: Wednesday, May 16, 2012 4:42 PM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** Similiar to what Brian mentions below, I think you have no other option than writing your own filter to overwrite the "row level access" fields during certain key incident events. However, you will also have to determine the business rules as to when you want to overwrite the access, and when you want to restore it. For example, (a) When HR people submit incidents, do you want all incidents to be restricted to HR for the entire incident lifecycle? (b) When other people submit incidents and they get assigned to HR, will this incident then only be viewable by HR? What about the incident owner? Will they still be able to view the incident? (c) Will HR ever assign the incident back to the owner or other groups during the incident lifecycle (ex. incorrectly assigned, minor work)? If so, you will have to restore the original incident permissions and invoke workflow to ensure that this is reset. If reset , how do you handle viewing any information by other groups that may have been entered by HR? This will have to be addressed. (d) Notifications during the incident lifecycle. Ensure that any notifications that might be sent to the customer, contact, or owner group that will prompt them to view the incident (in ITSM) will not be restricted by the permissions of the incident at that time. (e) Will there be similiar restrictions on any related Problems, Known Errors, Changes, etc. that might be related to this incident? (not sure of your scope) So, while technically possible (the beauty of Remedy!) , the above questions will also have to be addressed. Terry From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG]<mailto:[mailto:arslist@ARSLIST.ORG]> On Behalf Of Brian Pancia Sent: Tuesday, May 15, 2012 10:44 AM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: Re: Adding HR Department to ITSM Application using Multi-tenancy ** You can setup: Company 1 - Allpeople Company 2 - IT Support Company 3 - HR Then setup company 2 & 3 to support company 1. This will give company 2 & 3 access to company 1. The problem will come with the data segregation part. On your Incident form field 6969 and 112 will setup your permissions for the record. These fields are set by workflow for the customer company, support group, and vendor group. Unrestricted Access is also added into there. You also have assignee and submitter permissions. If you have everyone under Company 1 then anyone that supports that company will see all the tickets, which is not your desired result. You have a couple options. You can replicate the people data across multiple companies, which is probably not ideal or you can setup a filter to lock down field 6969 and 112 on submit. Also you may have sensitive people data that HR needs to see but IT doesn't, so keep in mind that there are going to be additional lock downs on the people form. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG]<mailto:[mailto:arslist@ARSLIST.ORG]> On Behalf Of Poston, Lynna To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: Adding HR Department to ITSM Application using Multi-tenancy ** ARS 7.6.04 SP3 & ITSM 7.6.04 SP2 We use ITSM for our IT support personnel and for our field users (SRM). We also have a custom app that we created using remedy that our HR Department and employees use on another server. What we are wanting to do is add the HR group to our ITSM app but keep their tickets separate due
