If BHE chooses, policyIQ log-ins can be integrated into the internal user directory (such as Active Directory) utilizing LDAPS integration. This requires just a few pieces of information to be exchanged by the BHE IT department and the policyIQ technical team. With this integrated, a user can log into policyIQ using his/her network log-in ID and password, and policyIQ will validate that log-in information to the BHE network. This can be set up for multiple network domains, if users do not exist within a single domain. Single Sign-On (SAML) Connection: It is also possible to integrate policyIQ with the BHE network log-ins for a true single sign-on, where users will not be prompted to log into policyIQ directly, but instead will be validated …show more content…
Is it possible to restrict users to a set list of documents or specific functions within an individual document? If so, describe how these features work. Yes. Every page in policyIQ has its own unique security, indicating which users (or groups of users) are permitted to read, edit, or review and publish that page. A “page” will be a single Control, Risk, Audit Test, etc. 4. Is there a separate security level available for a system administrator? Yes. As described above in Technical Capabilities #2, Site Administrator is the policyIQ role assigned for this purpose. It is also possible to create a custom security role, should BHE wish to have an individual provide system administration support, without full access. 5. Are audit trails available within the system to list functions performed and by whom? Yes. Every page, folder, template, group and user record has an audit trail that captures every change made, with the date/time and user stamp to indicate who made the change and when. Users with appropriate security access can view this information, and reporting is also available to pinpoint specific types of changes or to narrow down records to specific time frames. 6. How does the system ensure availability, security and privacy of data on shared