Product requirement: Role and department support for processes & systems
Main Newt
1. Background / Problem
Currently, processes and systems can only be assigned to one Responsible User.
In addition, roles already exist that are assigned to processes, but:
Roles cannot be used as filters
Departments are not structurally integrated
The API doesn't allow you to create or manage roles or departments
This creates the following problems:
Processes are not represented cleanly from an organizational point of view
Filtering by organizational units is not possible
Roles and departments must be maintained manually
Automated synchronization with external sources is difficult
This results in low transparency and poor navigability in the overview.
2. Objective
The platform should enable:
Assigning processes and systems not only to a user, but also to roles and departments
Filtering by roles and departments
Overview of these assignments
Managing roles and departments via the API
This allows organizations to model their structure correctly.
3. Feature requirements
3.1 Overview (UI)
The following information must be visible in the process and system overview:
Responsible User
Assigned role(s)
Assigned department
Display requirements:
Roles are presented as a list or tags
Departments are presented as tags or in their own column
If there are multiple roles → show all
Example:
Process | Responsible | Roles | Department
Incident Management | Max Mustermann | Security Manager, SOC Analyst | IT Security
- Filter function
Filter options must be extended to include:
Filter by:
Role
Department
Responsible user (existing)
Behavior:
Multiple selections possible
Combination with other filters is possible
Filters must work for both processes and systems
Example:
Filters:
Department = IT Security
Role = SOC Analyst
→ shows all relevant processes/systems.
- Data model
Entity: Role
Attributes:
id
Name
Description (optional)
Relationships:
Role ↔ processes (many-to-many)
Role ↔ systems (many-to-many)
Entity: Department
Attributes:
id
Name
Description (optional)
Relationships:
Department ↔ Processes
Department ↔ Systems
- API requirements
The API must support the following features.
Roles API
Create a role
POST /roles
Payload:
{
  "name": "SOC Analyst",
  "description": "Security Operations Center Analyst"
}
Departments API
Create a department
POST /departments
Payload:
{
  "name": "IT Security"
}
Assignment
Processes and systems must be able to be assigned roles and departments.
Example:
PATCH /process/{id}
Payload:
{
  "roles": ["SOC Analyst"],
  "department": "IT Security"
}
- Migration / Transition
Current state:
Roles are already assigned to processes
Departments do not yet exist in a structured way
Transition:
Departments are created manually
Synchronization is then carried out via API
Existing roles are retained
Roles can also be filtered
- Non-goals
This change does not include:
role-based permissions (RBAC)
organizational hierarchies
automatic HR synchronization
- Success criteria
The function is considered successful if:
Roles and departments are visible in the overview
Filtering by roles and departments works
Roles and departments can be created via API
Processes and systems can be filtered organizationally