Role Model
According to the ITAM role model, every service user gets a set of access rights to the service sections. Every role has its own restrictions on viewing, editing, and creating new records, as well as approving tasks.
All users of the ITAM service must have the itam_agent basic role; the service is not available to SimpleOne users without it. The rest of the roles in the table below incorporate the itam_agent role.
| Role | Role name in the system | Description |
|---|---|---|
| ITAM agent | itam_agent | This role is mandatory and is shared by all ITAM users. It gives read access to all ITAM tables. |
| ITAM admin | itam_admin | The user with this role can edit the asset records, created during the CMDB discovery process. |
| Nomenclature manager | itam_nomenclature_manager | The user with this role creates and edits the nomenclature records. |
| Responsible | itam_responsible | The user with this role can be assigned as the responsible for the assets in a given stock. |
| Operation specialist | itam_operation_specialist | The user with this role edits assets according to their life cycle stages. The user can create and perform all types of ITAM tasks as well as edit the following fields on the asset form:
|
| ITAM manager | itam_process_manager | The user with this role manages ITAM-related processes, but they do not perform the ITAM tasks themselves. Instead, they create, edit, complete, and cancel any ITAM tasks. |
| Contract manager | itam_contract_manager | The user with this role is responsible for asset contracts. They can create and edit asset contract records, as well initiate changing their states. |
| Contract approver | itam_contract_approver | The user with this role approves asset contracts. Approval requests for all ITAM contracts are always created for all users with this role. |
| Purchase agent | itam_purchase_agent | The user with this role can read purchase request records and related records as well as records in the platform purchase dictionary. The role includes itam_demand_agent. |
| Purchase manager | itam_purchase_manager | The user with this role manages the asset procurement process: they register, create, edit, and cancel asset purchase records. The role includes itam_purchase_agent. |
| Purchase approver | itam_purchase_approver | The user with this role is automatically assigned the task of reviewing an asset purchase request. The user decides whether to approve or reject the request. A user with this role can read purchase request records and related records. The role includes itam_purchase_agent. |
| Budget controller | itam_budget_controller | The user with this role can approve a functional budget for the purchase of assets within the framework of the organization budget model. They can also control budget expenses for specified cost centers. |
| Finance agent | itam_finance_agent | The user can view ITAM Actual Cost Item records and table records from the Budget section provided in the "out-of-the-box" version of the platform. |
| Finance manager | itam_finance_manager | The user with this role can access all financial documents and approve asset-related costs. |
| Demand agent | itam_demand_agent | The user with this role can read the demand and demand item records. This role includes itam_agent, fiscal_period_agent, and cost_center_agent roles. |
| Demand manager | itam_demand_manager | The user with this role has access to all assets and plans and coordinates approvals of the asset demands. The user with this role can be assigned to an ITAM Demand. This role includes itam_demand_agent, itam_nomenclature_manager. |
| Demand approver | itam_demand_approver | The user with this role is a mandatory approver of each ITAM Demand. This role includes itam_demand_agent. |
| Endpoint user | itam_endpoint_user | The user with this role can operate the endpoints for the inventory purposes. |
See the System Users article to learn how to assign a role to a user.
Available actions and required roles
| Task | Read | Create | Update |
|---|---|---|---|
| Registration | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Allocation | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Inventory | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_agent except itam_contract_manager, itam_process_manager or itam_operation_specialist (before the task enters the Complete state) |
| Change of responsible | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_process_manager specified in the Assigned user field, itam_responsible |
| Relocation | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Change of stock | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Return to stock | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Maintenance | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Upgrading | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Decommissioning | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Disposal | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
| Asset transfer | itam_agent | itam_operation_specialist, itam_process_manager, itam_responsible | itam_operation_specialist specified in the Assigned user field, itam_process_manager |
note
By default, ITAM does not provide deleting asset or task records. This action is also unavailable for users with the admin role.