Vault QMS can capture key demographic information about auditors, and manage the variety of qualifications that may be required for an auditor to perform any given role on various types of audits. This addresses scenarios where it can be difficult to know which personnel are authorized to perform a role on an audit.
You can also track and manage auditors’ progress towards qualifications (including the history of audits performed by that auditor) to assess eligibility of an auditor to perform various types of audits. Eligibility, in this context, is the automated creation of User Role Setup records, granting auditors rights to content across Vault by way of Matching Sharing Rules. As a result of fully utilizing this process:
- When populating an audit’s Quality Team, only authorized and qualified individuals will be available for selection within each team role of the audit.
- Progress of any given auditor towards requisite qualifications can be tracked and found within Vault’s Auditor Profiles.
With this feature fully configured, audit teams can have clarity on what qualifications are required for an individual to appropriately perform a specific role during an audit, and who within their organization meets those qualifications.
How Auditor Profiles & Qualifications Work
The Auditor Profile object allows management of identifying information about your organization’s auditors. Auditor Roles provide organizations a way to define what types of roles they need to identify in service of the various types of audits they perform.
Qualifications to Complete and Role Qualification Criteria Status then represent the criteria that an auditor must meet in order to be qualified to perform in a specific Auditor Role. All of these are tied together by a special section on the Auditor Profile object detail page, which surfaces the qualifications of the auditor: What qualifications they currently have, had in the past, or have started to work towards.
Vault creates Auditor History records when you add or remove a user from a Quality Team on the Audit object record.
Configuration Overview
While Auditor Profile configurations will vary between organizations, the configuration steps described below enable all benefits of the Auditor Profiles & Qualifications feature set. To take full advantage of the Auditor Profile’s security provisioning automation, you will need to be familiar with Matching Sharing Rules, and your organization’s security configuration.
- Add an Auditor Profiles custom object tab to be used for managing Auditors’ roles and qualifications.
- Add an Auditor Roles custom object tab to be used for defining Auditor Roles and their requirements.
- Add the special Auditor Role Qualification Status section to the Auditor Profile object page layout.
- Configure the Sync Auditor History action on the Auditor Profile object and object lifecycle. This action is only applicable to Vaults which have executed audits prior to the configuration and enablement of Auditor Profiles.
- Configure the Create User Role Setup action on the Role Qualification Status object lifecycle.
- Configure the Remove User Role Setup action on the Role Qualification Status object lifecycle.
- Configure the appropriate Auditor Roles needed to support your organization, including matching fields necessary for automatically creating appropriate User Role Setup records, and the qualifications necessary to satisfy the roles.
- Configure a Vault job to handle the necessary state change on Role Qualification Status records representing when re-qualification may be necessary.
Configuring the Sync Auditor History Action
When executed, this action populates the Auditor History object with records that are sourced from the Quality Team Member objects that are associated to the Audit object, detailing each time the auditor was added or removed from a Quality Team on an Audit record.
Enable the Sync Auditor History action on the Auditor Profile object. You can then configure the action as a user, entry, or event action in the Auditor Profile object lifecycle.
This action is only applicable to Vaults which have executed audits prior to the configuration and enablement of Auditor Profiles. It only needs to be run one time per auditor profile where the auditor in that profile has participated in Audits prior to the configuration of this feature.
Configuring the Create User Role Setup Action
Add the Create User Role Setup action to the Role Qualification Status object lifecycle as either a user action or entry action. Most configurations should follow the entry action approach, so that User Role Setup record creation is automated as Role Qualification Status records are updated.
The Create User Role Setup action populates a User Role Setup record with the user, application role, and other fields used for dynamic access control purposes. When adding the action, select the appropriate User Role Setup Object associated with the Audit object. Each of the Matching Fields in the action configuration are mapped to the corresponding fields in the User Role Setup object when the resulting User Role Setup record is created through the action.
If your configuration involves the automated granting of rights to qualified authors via use of the Create User Role Setup action, then you should consider configuring automated removal of those rights by configuring the Remove User Role Setup action.
Configuring the Remove User Role Setup Action
This action deletes a User Role Setup record when the Auditor Role Qualification Status enters a specific state. The Remove User Role Setup action is the opposite to the Create User Role Setup action, used to remove access from users who’ve had lapses in their qualifications. Add the Remove User Role Setup action to the Role Qualification Status object lifecycle as either a user action or entry action.
This action may be present as both action types in some configurations, allowing for automated lapses in Role Qualification Statuses to result in loss of access, as well as allowing Business Admins or managers to revoke access manually where appropriate. Such access removal only applies to new Audits. It does not impact any in-progress or already assigned Audits. The user whose qualification has been revoked by this action will not be selectable until requalified.
When adding the action, select the appropriate User Role Setup Object associated with the Audit object. This should be the same object defined in the correlated Create User Role Setup action.