In the “settings” module you can, among other things, access and edit users and departments in the portal. Here you can also find information for the account, as well as access the account’s settings and edit these. In addition, you will also find mail settings and custom elements.
All points under settings will be reviewed below.
In the sub-item “Users” you can see an overview of the users created in the portal. The overview looks like this:
- in the Invite a new user. Clicking here opens a form that will be reviewed below.
- Here you can import users and clicking here will open an option to import CSV.
- Here you can edit the user, and the form that opens is the same as the form that had to be filled out when creating the user. The form for creating a user will be reviewed below.
- This icon is permissions. By clicking here you get an overview of what permissions the user has. The overview is divided into administrator permissions, member permissions and visitor permissions. The permissions will basically reflect the role that you chose during creation, but here you can edit the specific permissions that the user gets.
- Here you can delete the user.
- This is an overview of the individual user, where you can see general information, which is the information that was entered when you created the user. You can also see if the user has accepted the invitation to the portal, when the user was created, and information about the last time the user was logged in.
When inviting a new user (1 in the picture above) or editing an existing user (3 in the picture above) the following form will open:
- Name of the user
- User’s email
- Role: Clicking here will open a window with the following different choices: administrator, member, or visitor. The most used is administrator that allows the user to create and edit. An example of when you can use the “visitor” function is, for example, if an accountant needs to get access to see information in the portal but should not be able to change anything in the portal.
- Select the user’s language. This will affect what language the portal will be shown in.
- User’s phone number
- Specify whether you want the user to log in with multi-factor authentication. We recommend this to increase the level of security. If desired, the icon on the right must be clicked on, as is the case on the example in the image.
- Here you can choose whether the user you create is an employee who should also be created as an employee. In this way, the portal automatically takes the entered information and creates the user as an employee as well. If the user is to be created as an employee, the icon must be clicked on, as in the above image.
It is possible for the user to access this information and edit it himself (except for point 7). This is done by clicking in the upper right corner of the portal on the username, where there is a small arrow. This will open a small menu in which to select the option “profile”. It will open a largely similar window.
By creating departments, you can create a better structure over the individual elements of the portal. It is optional whether you want to create departments in the portal. It can be helpful in the case that you want to create inspections for an individual department. The larger the company, the greater the need to use this feature, as there will be a greater need for segmentation and structuring in the portal.
In the sub-item “Departments” you can see an overview of the departments created in the portal. The overview looks like this:
- Create a department. When you click here, a window will open in which you need to specify the name of the department you want to create.
- Export departments to Excel.
- Edit a department. By clicking here, you can edit the name of the department, users associated with the department and whether users get notifications at department inspections.
- Here you can delete a department.
Here you can see all the information for the account you work in in the portal. Clicking on this sub-item opens a form.
The form looks like this:
- Fill in the VAT number of the company
- Fill in the company name
- Contact information for the company: the contact information could be the adress of the company, e-mail and phone number.
- Name of a possible data protection officer: A data protection officer or DPO is a data protection adviser, who informs and advices the data controller, data processor and the employees that process personal data, regarding their obligations in relation to the legeslation and supervises if the company complies with the legislation. Some companies are required to have a DPO, some choose it voluntarily and others do not have a DPO. A DPO is a title that entails essential requirements in connection with the task as data protection officer.
- Contact information on the possible data protection officer: This could be information such as phone number and email.
- Name of a possible data controller representative: The person who decides for what purpose and with what means the processing of personal data may be carried out is the data controller. The data controller is the decision-maker for who should have access to process the personal data. Roughly speaking, it is the data controller who decides over the data and has the ultimate responsibility – i.e. the one who decides the purpose, scope and methods for processing personal data.
- Contact information on a possible data controller representative: This could be information such as phone number and email.
When you open account settings you will see a menu of different items that can be set in this module.
The following points can be set:
By clicking on one of the fields in the menu, the item will unfold, and here you can access the specific settings for each item in the menu. You will also be able to edit some of the items elsewhere in the portal, such as inspection categories, which can be edited under the menu item “Inspections” in the menu bar on the left side of the portal.
- Enforce MFA: With this feature, you can choose whether this account should use multi-factor authentication as a default setting. If you turn this on, the users you create will have turned on by default to log in with multi-factor authentication. It will still be possible to turn it on or off for the individual user, despite your choice as the default setting here.
- Manage inspection categories: Here you can create categories within inspections. It’s not something you need to do, but it can be a feature worth using when you have a lot of inspections. This has an impact on creating inspections, where it will be possible to assign them a category and thus segment and structure your portal.
- Manage file categories: As with inspection categories, it is possible to create categories for files. It is not a thing you have to create, but it can be helpful if you have many files in the portal and want to organize and structure the files. If you want to delete a file category, you do this, by clicking on the drop down menu next to the category you want to delete.
- Standard descriptions: Here it is possible to create standard descriptions. When you want to create a standard description, click ‘create’ and a smaller form will open. You must first choose a title, and here we recommend that you choose a title that you can recognize the individual description by. Next, you need to fill in a field with the description itself, which should be the description you want created by default. Finally, choose which type it is. The creation of standard descriptions will have an impact on when you fill out, for example, work processes. In case you have made a standard description, it will be possible to click on this in the form, and it will automatically fill in fields for you, so you do not have to sit and copy this in yourself.
- Extended data: Here you can customize the portal within certain points. As a starting point, it is not necessary to manually adapt the portal, as the portal is set up to comply with the legislation, with the information required. If you want to customize parts of the portal, this is where it is done, by clicking the different icons on and off. If you are in doubt about whether and how your company should use the feature, we encourage you to contact us at GapSolutions
- Responsible users: Here it is possible to choose for a number of different parts of the portal whether to specify a responsible user. As an example, we could take whether a work process should ask for a responsible user, when it’s created. By default, this is always turned on, and the form for work processes will therefore have a field where you must specify the responsible user. If you turn this off, the form will no longer have this field. If you want a responsible user to be listed, you can choose below whether to see the responsible user in the overview of the work processes. To make your selections, click the icons on or off. It’s turned on when the icon is dark blue, and clicked off when the icon is grey. For larger companies, it may have a regulatory impact whether to disclose the responsible user. For example, in a work process, it is a requirement that there must be a person responsible. In larger companies, it will be necessary to specify who it is, while in small companies it will usually be the manager who is basically responsible. Therefore, choosing not to indicate a responsible user will not necessarily result in non-compliance with the law if it is always the manager who is responsible.
In this module, you can access email settings.
Please note that it is recommended to use your own mail server. By using your own mail server you avoid problems with spam and that employees may suspect emails of being attempts of phishing.
Below you can set the language of the emails and edit the emails that are sent out.
The page is divided into the following three points:
- Mail settings for control series
- Email settings for documents
- Mail settings regarding E-learning
Here you will have the opportunity to navigate the types of emails you want to access and edit by clicking on the item you want to access email settings for.
You can edit the mail, that is automatically sent when, for example, inspections are sent out. It is not necessary to edit these mails, as they are set up according to a standard description for sending inspections, but you can customize these, if you want it to say more, less or something else. It is possible to customize the emails in the three different types of mails sent out: Inspections, work processes and e-learning.
In the item data elements it is possible to go in and edit which data elements should be available for a number of different parts of the portal. This concerns work processes, IT systems / information assets, data recipients and risk assessments. Under this section, you can connect whether it should be possible to choose the type and, if so, which types should be connected to the different parts of the portal. For all four categories, you can turn on whether GDPR should be a data element (1). In addition, you can add other types if you want to use the portal for information security (2). To explain it better, we will use work processes as an example. If you want to create work processes that are not GDPR related, you can click on the ‘new types’ icon and a bar will appear where you need to press ‘add’ (3). This will open a form where you need to give the type you want to create a title. Next, choose which items to fill in in your work processes. The parts you can choose are like those in a GDPR work process – however, it will not be necessary to e.g., have a legal basis when you do not handle GDPR, and you can therefore avoid clicking these fields. It’s up to you to choose what information is needed for the type you want to create. This means that when creating a work process it will be possible to select type at the top of the form. When choosing a type the form will adabt according to what information you have selected to fill out for work processes of that type.