Typical permissions combination setups

Typically, you assign permissions combinations to the users in your IT organization based on their roles and responsibilities. The combinations suggested in the following table are defined by ITIL as typical and are used by the BMC Service Management Process Model (SMPM).

The following table is organized by application, role, and the permissions combination recommended for the role.

Application	Role	Permissions combination
Asset Management	Configuration Administrator	Asset Admin Contract Admin Purchasing User (needed only if you use the Purchasing module) Incident Viewer Problem Viewer Release Viewer Infrastructure Change Viewer Knowledge Viewer Optional permissions Contact Organization Admin This permission is needed only when the user must create Support Groups that manage CIs. Otherwise, grant them the functional role of Support Group Admin. Contact Categorization Admin This permission is needed only if the user must create and update the Product Categorization data structures for the CI data.
	Purchasing Agent	Purchasing User (needed only if you use the Purchasing module) Receiving User (needed only if you use the Purchasing module) Incident Viewer Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
Change Management	Change Approver	Incident Viewer Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer Functional role required You must assign this functional role to the user in addition to the permissions. Infrastructure Change Approver Important: You can give this functional role to anyone who approves changes. It applies to all roles.
	Change Coordinator	Infrastructure Change User Incident User Problem User Release Viewer Contract Viewer Asset Viewer Knowledge Viewer Functional role required You must assign this functional role to the user in addition to the permissions. Infrastructure Change Coordinator
	Change Manager	Infrastructure Change User Incident User Problem User Release Viewer Contract Viewer Asset Viewer Knowledge Viewer Functional role required You must assign this functional role to the user in addition to the permissions. Infrastructure Change Manager
	Customer Representative	Task User Infrastructure Change Viewer Incident Viewer Problem Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
Release Management	Release Coordinator	Release User Incident User Problem User Infrastructure Change Viewer Contract Viewer Asset Viewer Knowledge Viewer Functional role required You must assign this functional role to the user in addition to the permissions. Release Coordinator
Incident Management	Service Desk Analyst	Incident Master Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User
	Specialist	Incident User Problem User Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User
	Group Coordinator	Incident User Important: You can give a user Master permissions if full access to Incidents is required. Problem User Important: Give this individual Master permissions if they need full access to Problems, Known Errors or Solutions. Infrastructure Change User Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
	Operator	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
	Operations Manager	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
	On-Duty Manager	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User
Problem Management	Problem Coordinator	Problem User Important: Give this individual Master permissions if they need full access to Problems, Known Errors or Solutions. Incident Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge User Functional Role You must assign this functional role to the user in addition to the permissions. Problem Coordinator
Service Level Management	Service Level Administrator	SLM Manager Contact Location Admin Contact Organization Admin Asset Admin Task User Incident Viewer Problem Viewer Release Viewer Contract Viewer Infrastructure Change Viewer Knowledge Viewer
	Service Level Manager	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer
	Service Owner	Incident User Problem Viewer Infrastructure Change Viewer Release Viewer Contract Viewer Asset Viewer Knowledge Viewer

When you assign permissions, it is important to use only the minimum number of permissions that allow the person to perform their job. BMC strongly recommends that you have only one set of permissions combinations for any given role. There are only a few key permissions that a general application user needs to perform their duties. For more information about these key permissions, see Permission groups and application access.

Typical permissions combination setups

Comments