How do you grant case read access to Group Managers without making them group members?

Kohei Tominaga1 · 2 hours ago

In the COE Security Policy, it is possible to grant access permissions at the group level.
Users who belong to the group get the permissions, but group managers do not get any permissions by default.

One idea is to customize the ACL scripts that reference the COE Security Policy so that group managers are also granted access.
However, I would like to know how others are handling this situation.

Here is our specific need:

Group managers should:

Monitor operational health using the HR Manager Dashboard
Review HR cases when there are issues
Follow up with their group members

They need read-only access to HR cases, but they should not be assigned to cases.

If we add group managers to the group as members, cases may be automatically assigned to them by auto-assignment rules.
Because of this, we do not want to add them as group members.

However, due to the current behavior of the COE Security Policy, group managers cannot access the cases at all.

How are you addressing this requirement?
Any best practices or design patterns would be appreciated.

SANDEEP DUTTA · 37m ago

Hi @Kohei Tominaga1 ,

Even i faced this issue!!

Firstly, we should have a clear idea that, Access and Assignement are two diffrent things.

What i did was i separated the way for Assignment Group and Group who manages . I created a parallel group with similar Structure as Operational Group which was used for Assignment , just for access purpose.

Added members to this new group and finally assigned this group to COE Security Policy with Read access. And never used this group for any kind of assignment.

Thanks,
Sandeep Dutta

Please mark the answer correct & Helpful, if i could help you.