RDI
Menu
Start with RDIAssess maturity

RDI workflow

Access Control & User Permission Management

the evidence system platform user management — role-based access levels, project/camera-level permission granularity, ability to add/remove external users — supports the administrative workflow of controlling who sees which feeds, for how long, with what capability.

Category
Security, Theft & Access Control
Frequency
Common
Confidence
High
Evidence records
10
Cost model
Qualitative

Trigger, activity, conclusion

01 · Trigger

New project set up on the evidence system; new stakeholder requires camera access; existing user's role changes; project reaches practical completion; or GDPR/data-privacy review requires access restriction.

02 · Activity

Configuring and maintaining user access permissions — adding/removing users, assigning roles, applying camera-level restrictions, setting access expiry.

03 · Conclusion

All active users have appropriately scoped access. Unauthorised or lapsed users removed. Configuration documented and compliant with data privacy obligations.

Workflow steps

  1. Step 01

    New project created on the evidence system platform; primary account administrator designated.

    Inferred
  2. Step 02

    Core project team members invited and assigned Admin/Manager roles.

    Evidenced
  3. Step 03

    Client representatives invited and assigned appropriate read-level access.

    Evidenced
  4. Step 04

    Subcontractor PMs added with project-specific/camera-specific restrictions.

    Evidenced
  5. Step 05

    External parties (insurers, H&S consultants) granted time-limited or project-specific access.

    Evidenced
  6. Step 06

    Access permissions periodically reviewed to confirm appropriateness.

    Inferred
  7. Step 07

    As project progresses, access adjusted based on evolving team composition.

    Evidenced
  8. Step 08

    At practical completion, access for temporary stakeholders removed.

    Inferred
  9. Step 09

    Post-completion, limited long-term access retained for defect investigation period.

    Inferred
  10. Step 10

    Access configuration documented for audit and GDPR compliance.

    Inferred

Evidence records

Recurring administrative workflow of managing who has access to which camera feeds across projects — confirming this is a distinct, actively managed workflow rather than a one-time setup.
Anonymized evidence record 43.1
Role-based access configuration where only Read+Share users can view full video — illustrating the operational specificity of permission management decisions that must be actively maintained.
Anonymized evidence record 43.2
Gate Report data ring-fenced from client-level users (OPW) — demonstrating that access management has direct commercial and GDPR implications that must be actively managed throughout the project lifecycle.
Anonymized evidence record 43.3

ROI model

Qualitative workflow

This workflow is currently represented as a qualitative benefit. A parametric cost model should be added only when the assumption set is credible.