This documentation supports the 23.3 version of BMC Helix Change Management.

To view an earlier version, select the version from the Product version menu.

Change Management permissions

While implementing the Change Management application, it is important to identify the people in your organization who need access to the Change Management application. Within the BMC Helix ITSM application, there are the following types of roles:

Related topics

Entering data in the people.xslx spreadsheet Open link

Change Management roles


Important

  • To edit a change request, you must have a write license for the Action Request System.
  • To view existing change requests or to submit a new change request, you must have a read license for the Action Request System.
  • You do not need any specific permission to add new work info or edit a work info that is not locked. However, you must belong to one of the change permission groups.
  • Except for the Infrastructure Change Config user, all other users can access the Product Catalog console from the Applications menu on the IT Home page of BMC Helix ITSM.
  • A user with Infrastructure Change User permission and the Change Approver's functional role can modify a change request without being a member of the assigned group.
  • Add licenses only for the features and number of users that correspond to your license entitlements. Your subscription or purchase determines your license entitlements.

Permission roles

Service Management applications use the concept of permissions groups to control access to the various BMC Helix ITSM or Smart IT applications such as forms, views, consoles, and functions. Permission groups are defined within the applications with a prescribed hierarchy. For example, the Master permission supersedes the User permission, which in turn supersedes the Submitter permission, which finally supersedes the Viewer permission. So, if you want to give access to a user to change requests, give access to one of these four permission group types depending on the requirements.

In addition to the above permission group types, you can use the Config permission group type for application administrative purposes in conjunction with any one of the above permission group types.

Basic access requirements

The following sections describe the basic permissions required to access the BMC Helix ITSM .

Types of accessDescription
IT  user

An IT  user is anyone who accesses BMC Helix ITSM with the change agent role.

Additionally, users accessing BMC Helix ITSM should have access to records belonging to one or more companies. Company access is defined in each user's People record, under Access Restrictions in the  Login/Access Details  tab. BMC Helix ITSM uses access restrictions to determine what company information is displayed on the Dashboard and in the Consoles.

Basic access requirements for a BMC Helix ITSM user might look like the following example:

Access restrictions defined + permissions for the change agent role

IT  administrator access

A IT  administrator (IT Admin) is anyone who performs BMC Helix ITSM configuration or administration activities. IT Admins have access to the Knowledge Template Styles and Screen Configuration options in the Configuration menu. For minimum access permissions, see  IT Admin permissions.

Change permissions

  • Infrastructure Change Master - Infrastructure Change Master is an administrator for Change Management. This level of permission is the highest access level for creating and updating change requests. The administrator must grant the Master permissions groups only to key personnel who own a process or who have full control over schedules. 
  • Infrastructure Change User - The Infrastructure Change Users perform the role of a change manager or change coordinator within the Change Management  process. You should grant these permissions to users who perform the role of a support group lead within the  Incident Management process or a problem coordinator role within the  Problem Management process, or both, and who might need to modify changes that result from Incidents, Problems, or Known Errors. Additionally, these permissions should be granted to users who perform the role of a continuity manager. 
  • Infrastructure Change Viewer - Infrastructure Change viewer permission is superseded by the Infrastructure Change Master and Infrastructure Change User permission. 
  • Infrastructure Change Submitter - Infrastructure Change Submitter permission is granted to Problem Coordinator and IT specialists to create change requests.

The following table describes the scope of the change permissions:

TasksInfrastructure Change MasterInfrastructure Change UserInfrastructure Change ViewerInfrastructure Change SubmitterRemarks, if any
Create change request(tick)(tick)(error)(tick)
Modify change request(tick)(tick)(error)(error)

The following conditions apply:

  • Only the user with Infrastructure Change Master permissions can modify the change request after the change request is closed. 
  • The user with Infrastructure Change User permission needs multiple conditions to modify the change request. For more information, see change user conditions.

View change requests(tick)(tick)(tick)(tick)
Create approval mappings(tick)(error)(error)(error)The use with Infrastructure Change Master cannot modify the class, status, and dates in the change request.
Modify approval mappings(tick)(error)(error)(error)
Create change templates(tick)(error)(error)(error)Users with the Infrastructure Change User permission and Support Group Admin functional role can create support group change templates
Modify change templates(tick)(tick)(error)(error)Users with the Infrastructure Change User permission and Support Group Admin functional role can modify support group change templates. For users with the Infrastructure Change User permission, modification of templates is restricted to those templates where the user is a member of the Authoring Group.
Create tasks within the change request(error)(error)(error)(error)
Modify the tasks within the change request(tick)(tick)(error)(error)The user with Infrastructure Change User permission can edit tasks if this user belongs to the assigned support group for that task, even if the user does not belong to the assigned support group for that change. 
Execute the change request to completion(tick)(error)(error)(error)


Modification of a change request by a Infrastructure Change User

A user with Infrastructure Change User permission can modify a change request if the following conditions are met:

  • Condition 1
  • Condition 2


  • Condition 3


  • Condition 4


Permissions required to configure BMC Helix ITSM: Change Management

Users with the Infrastructure Change Config permission can perform all change administration functions that include the following four components. The user with this permission access Mid Tier to make the configuration changes. 

ComponentFunctions
Change Management Configuration
  • Configure the Mid Tier Change calendar
  • Configure the change prioritization values
  • Configure the process flow next stage status transitions
  • Configure the change rules (general field enforcement and notification rules)
  • Configure the change risk factors
  • Configure the change templates
Foundation
  • Configure the approval process
  • Register applications that will use Command Automation Interface, or CAI (advanced feature)
  • Define commands, command parameters, and command parameter mappings for the CAI (advanced feature)
  • KPI—configure the Mid Tier Flashboards parameters
  • KPIconfigure and register the KPI titles (advanced option)
Requestor Console
  • Create and update the summary definitions

Task Management System

  • Configure the task assignment mappings
  • Configure the task group templates
  • Configure the task templates
  • Configure the variable templates

Best practice

Grant the Infrastructure Change Config permission to users requiring access to configure the component functions described in the preceding lists. Typically, you grant these permissions to a user performing the role of an Application Administrator.

Permissions required for a Change Agent

The following table lists the required permissions for Change Agents:

Important

  • Access to Change Management functionality in BMC Helix ITSM depends upon the level of permissions. For example, Infrastructure Change Viewers cannot create change requests, and users with only Infrastructure Change Submit or Infrastructure Change Viewer permissions cannot perform collision management or impact analysis. Users with Infrastructure Change User permission can perform these functions for change requests assigned to their support group.

  • In BMC Helix ITSM, users with Infrastructure Change User permissions can modify a change request if they belong to either the Change Manager group or the Change Coordinator group specified on the change request. In BMC Helix ITSM, a user with Infrastructure Change User permissions can only modify a change request if one of the following conditions is true:

    • The user has the change manager functional role and belongs to the Change Manager group specified on the change request.

    • The user has the change coordinator functional role and belongs to the Change Coordinator group specified on the change request

Category

Permission

Additional information

Change Management

At least one of the following permissions is required:

  • Infrastructure Change User

  • Infrastructure Change Master

  • Infrastructure Change Viewer

  • Infrastructure Change Submit

None

Asset Management

At least one of the following permissions is required:

  • Asset Viewer

  • Asset User

  • Asset Admin

With the optional Receiving User permission, Change Agents can also scan assets, compare them with a purchase order, and mark them as received. 

IT Admin permission

An IT Admin must have AR System Administrator permissions to perform screen configuration (for example, adding custom fields to Smart IT views) and to create knowledge template styles.

In addition, if an IT Admin provides administration for support groups in BMC Helix ITSM, that person needs Contact Organization Admin permissions. For more information, see  Foundation module permission groups Open link in the BMC Helix ITSM  documentation.

Change Management Dashboard User

Users with Change Management Dashboard User permission can view the Change Management Dashboard form.

Best practice

Grant these permissions to users performing the role of a change manager or change process owner.

Was this page helpful? Yes No Submitting... Thank you

Comments