hello,

We have German customers who request TISAX certification from their suppliers; TISAX is a set of requirements on security management on site and in applications.

Some of the requirements mentions :
+ The management process (allocation/change/deletion) for privileged user IDs is documented and established.
+ Privileged rights are allocated upon approval only

In Teamforge <=19.2, there is no workflow support to grant site admin permissions.

Since site admins can grant elevate other people to site admins, we can not demonstrate that we fulfill the 2nd requirement; even if we explain that the approval should be requested to the application owner, nothing in the tool prevents to grant someone else this permission.

A kind of approval workflow should be supported for site admin, similar to project permission requests.

Thanks
Cedric

by: Cedric Q. | over a year ago | Administration