Contents
Introduction
The role of Access Controller
What is an Access Controller?
Can an organisation have more than one Access Controller?
How do we find out who our Access Controllers are?
How do we add/change Access Controllers?
What is the difference between our Organisation Authority and the Access Controller?
How do we update details?
How do I know what access I have?
If an Access Controller changes a user’s permissions does it impact any other organisations of the user has access to? (Multi organisation users only)
What happens when a user’s permissions are changed?
Changes to the Service Agreement Module
Permissions
Using this guide
Registration for My Agency
Updating user details and permissions in SAM
Navigate to the Service Agreement Module
Navigate to the Organisation Contacts tab
Edit a user’s details
Edit a user’s permissions
Enabling the Grant all standard permissions to all users option
More information
Guide to role based security for organisations1
Introduction
My Agency, the secure area of the Funded Agency Channel (FAC) website, provides registered users from funded organisations access to information about their service agreement. If you require access to FAC and/or are not a registered user, please refer to My Agency for non-DHHS staff on the FAC home page.
Within My Agency, the Service Agreement Module (SAM) allows funded organisations to access their service agreement information and to update some records and documents through interactive modules.
Currently, any registered organisation user can see all information, data and reports for their organisation in SAM and My Agency. This includes financial, performance and client information.
From 18 November 2017, role based security will be implemented in the Service Agreement Module (SAM). This enhancement allows Access Controllers in organisations to limit what service agreement information and reports their users can see in SAM and My Agency. This is consistent with the Privacy and Data Protection Act 2014.
Role based security introduces permissions which are controlled by the organisation’s Access Controller(s). Permissions assigned and maintained by the Access Controller determine what each user can see and do in SAM and My Agency.
The role of Access Controller
What is an Access Controller?
Withinyour organisation an Access Controller managesall organisation user contact details and permissions.Only Access Controllerscan edit fields in the contacts tab in SAM for your organisation.
Can an organisation have more than one Access Controller?
Yes. An organisation can have multiple Access Controllers.
How do we find out who ourAccess Controllersare?
In the contacts tab in SAM, the Access Controller column will have the checkbox ticked. This is a sortable field so you can bring the access controllers to the top of the contacts list if you would like to see them all.
How do we add/change Access Controllers?
Access Controllersare the only users that can add or remove the access control permission within SAM. All organisations must have at least one active Access Controller.
What is the difference between our Organisation Authority and the Access Controller?
The Organisation Authority (OA)is an eBusiness role. The OAapproves or denies access to all eBusiness applications including FAC. The Access Controller is a new role that manages the permissions of users once they have access to FAC and SAM.If you wish, you may nominate your OA to be your Access Controller.
How do we update details?
To update user details or permissions users will need to contact their organisation Access Controller. Access Controllers can update user information in the SAM contact tab.
How do I know what access I have?
On accessing SAM locate and view your contact tab. This will display each permission field that is checked. Hovering over the permissions will bring up a label with a brief description of the access provided.
If an Access Controller changes a user’s permissions does it impact any other organisationsof the user has access to? (Multi organisation users only)
Permissions are unique to each user for eachorganisation. Permissions may vary depending on the access you require in each of your organisations.
What happens when a user’s permissions are changed?
The user will either gain or lose access based on whether permission is added or removed. Changing permissions will generate a system email notifying the user of the change. The Access Controller is also notified of the change.
Changes to the Service Agreement Module
When accessing SAM the initial landing page is now the organisation tab instead of the agreements tab.
Once you select your organisation’sname via the blue hyperlink the contacts list will display.Anew default sort has been added which displays all active users prior to those with a status of old.
The following fields have been added to the contacts tab:
•User ID - This field is read-only for all users and is populated when a user’s access is approved by FAC.
•Access Controller - Users with this field checked have the ability to edit the seven new permissions that have been added to the user contacts row. The permissions are detailed in the table below which details the tabs and reports each permission controls.
The ‘Edit’ button has now been removed for all users except the Access Controller. Any updates to user details can only be undertaken by your organisation’s Access Controller
A new checkbox has been added to your organisation details area:‘Grant all permissions to allusers’. If checkedyour entire organisation’s active users have full permissions to viewall tabsand reports in SAM andMy Agency. If the ‘Grant all permissions to all users’ is not ticked then your user permissions may be edited by the Access Controller.
Permissions
Table of permissions and visible data
Permission / Associated tabs in SAM / Editable fields / Associated reports in My AgencyAccess Controller / All / Update permissions and contact details / All
Financial / Current agreements / Current financial year reports
Old agreements / Old version reports
Invoices / All structured reports
Contracts
Performance: Read only / Acquittal / Service delivery tracking
Health reports - performance against targets
Performance: Edit / Acquittal / Update and submit acquittal / Service delivery tracking
Health reports - performance against targets
Contact / Contacts / User details
Location / Locations / Not applicable
Compliance: Read only / Compliance / Compliance reports
Compliance: Edit / Compliance / Upload and submit SACC / Compliance reports
DTR viewer / Desktop Review / Not applicable
RIS / RIS client data / Client specific funding reports
Using this guide
This document includes information on the actions an Access Controllermay performin the Service Agreement Module.
It provides guidance to:
•Navigate to the contacts tab to edit personal information
•Update and maintain user permissions
•Select the option to grant all permissions to all users
A red box outline in each screenshot of this guide will identify the area you need to select, action or note. In the example screenshot below, the organisation name is being identified for selection.
Figure 1: Example screenshot
Registration for My Agency
My Agency is the secure area of the Funded Agency Channel (FAC) website where registered users from organisations can access funding and payment information about their Service agreement.
If you require access to FAC and/or are not a registered user, please refer to My Agency for non-DHHS usersin FAC <
Updating user details and permissions in SAM
Navigate to the Service Agreement Module
- Log into My Agency (via eBusiness). From the My Agency page, select: Service Agreement Module [External Link]
Figure 2: Screenshot of Service Agreement Module link
- A new window will open and the Service Agreement Module (SAM) will display. The Organisations tab at the top of the screen will default
Navigate to the Organisation Contacts tab
- Select the hyperlink (blue text) with the name of the organisation.
Figure 3: Screenshot of organisation name link
- The Organisations screen will open with a series of lower level tabs below the grey section. This will default to the Contacts tab.
Figure 4: Screenshot of Contacts tab
Edit a user’s details
- To edit a user’s details select the arrow on the far left side of the relevant user row. Please note that each row is unique to the user, NOT the job title. Do not update one person’s details with another.
Figure 5: Screenshot of selecting the users contact row
- Once the user row is selected all of the fields except User ID will become editable. Please ensure any changes are saved
Edit a user’s permissions
- To edit a user’s permissions select the arrow on the far left side of the relevant user row.
- The permissions are located on the right half of the contacts screen.
Figure 6: Screenshot of the access controller column and thenew permissions
- Theuser permissions can now be updated and saved Please refer to the Table of permissions and visible data before editing permissions.
Enabling the Grant all standard permissions to all users option
- The ‘Grant all permissions to all users’ option providesall users with unrestricted access in SAM and My Agency. This option cannot be selected if any user requires restricted access.
Figure 7: Screenshot of the ‘Grant all permissions to all users’ checkbox and save button
- Once the ‘Grant all permissions to all users’ option is selected and saved, permissions are no longer editable. This option can be deselected at any time by an Access Controller but if checked again all users will haveunrestricted access in SAM and My Agency.
- Please ensure all changes are saved.
More information
For more information about the introduction of role based security to the Service Agreement Module you can contact the Funded Agency Channel helpdesk on 1300 799 470 (select support option 1, then select option 5) or email us
To receive this publication in an accessible format, email: the Funded Agency >Authorised and published by the Victorian Government, 1 Treasury Place, Melbourne.
© State of Victoria, Department of Health and Human Services, November 2017.
Guide to role based security for organisations1