Roles

About Roles

Roles can be associated with numerous Security Groups. When a Security Role is assigned to a Security User, the user is granted all the privileges that have been granted to the Security Groups associated with the Security Role. Assigning Security Roles to Security Users is an efficient way to provide data permissions to the users that they will need to execute tasks in APM.

Important: To avoid granting unintended privileges to a Security User, before assigning a Security User to a Security Role, make sure that you review all the privileges granted to the Security Groups that are assigned to the Security Role. Additional Security Roles, as well as Security Groups assigned to existing Security Roles, can be added via Security Manager.
Note: Regardless of the Security Group membership, Super Users have access to all the APM features and functionalities.

The following table lists the baseline Security Roles available for the users within APM, the baseline Security Groups assigned to each Security Role, and the privileges associated with each Security Role.

RoleGroupRole Privileges
MI APMNow AdminMI APMNow AdminThe users can access Tools and certain administrative features.
MI Metrics Administrator
MI Policy Designer
MI APM ViewerMI ACA MemberThe users have the view privileges for most of the APM records.
MI AHI Viewer
MI ASI Viewer
MI ASM Viewer
MI Calibration Viewer
MI eLog Viewer
MI GAA Viewer
MI GE Viewer
MI Hazards Viewer
MI Inspection Viewer
MI LCC Viewer
MI Metrics Viewer
MI MOC Viewer
MI Policy Viewer
MI PROACT Viewer
MI Production Loss Accounting Manager
MI RBI Viewer
MI RCM Viewer
MI Reliability Viewer
MI Rounds Designer Viewer
MI SIS Viewer
MI Thickness Monitoring Viewer
MI Data Loader Admin MI Calibration AdministratorThe users have all the privileges applicable to the users assigned to the MI Data Loader User role. Additionally, the users can delete the data load configuration records and interface log records.

To use a data loader specific to a module, the users need additional permissions specific to that module. For more information, refer to the appropriate Mappings documentation.

MI CMMS Interface Admin
MI Site Reference User
  MI Data Loader User MI Calibration User The users can access to the Data Loaders feature, and can view, update, and create data load configuration records and interface log records.

To use a data loader specific to a module, the users need additional permissions specific to that module. For more information, refer to the appropriate Requirements Mappings documentation.

MI CMMS Interface User
MI Site Reference User
MI FE AdministratorMI GAA AdministratorThe users have all the privileges applicable to the users assigned to the MI FE PowerUser role. Additionally, the users have administrative privileges for the Generation Availability Analysis, Root Cause Analysis, Production Loss Analysis, and Reliability Analytics features.
MI Policy Designer
MI Policy User
MI Policy Viewer
MI PROACT Administrator
MI PROACT Team Member
MI Production Loss Accounting Administrator
MI Production Loss Accounting Manager
MI Production Loss Accounting User
MI PROACT Viewer
MI Production Loss Accounting Service
MI Reliability Administrator
MI Reliability User
MI Reliability Viewer
MI FE PowerUserMI GAA AnalystThe users have all the privileges applicable to the users assigned to the MI FE User role. Additionally, the users can:
  • Create, update, and delete Root Cause Analyses, Production Plans, Production Events, Production Losses, Production Analyses, System Reliability Analyses, Spares Analyses, Reliability Distribution Analyses, Probability Distribution Analyses, Reliability Growth Analyses, and Automation Rules.
  • Update Production Data and link Production Events to Root Cause Analyses.
  • Create and update GAA Events and GAA Performance records.
MI Policy User
MI Policy Viewer
MI PROACT Team Member
MI Production Loss Accounting Manager
MI Production Loss Accounting User
MI PROACT Viewer
MI RCM Viewer
MI Reliability User
MI Reliability Viewer
MI FE UserMI GAA AnalystThe users can access the GAA Company, GAA Plants, GAA Units, GAA Events, GAA Performance records, Root Cause Analyses, Production Loss Analyses, Production Analyses, System Reliability Analyses, Spares Analyses, Reliability Distribution Analyses, Probability Distribution Analyses, Reliability Growth Analyses, and Automation Rules features.

MI GAA Viewer

MI Policy User
MI Policy Viewer
MI PROACT Team Member
MI Production Loss Accounting User
MI PROACT Viewer
MI RCM Viewer
MI Reliability User
MI Reliability Viewer
MI Foundation AdminEveryoneThe users have all the privileges applicable to the users assigned to the MI Foundation Power role. Additionally, the users can configure mappings for the devices and view the SAP System records. In addition, the users have administrative privileges for the Catalog, Tasks, and ACA records features.
MI Devices Power Users
MI Devices Administrators
MI Devices Users
MI Recommendation Management User
MI Task Manager User
MI Task Manager Administrator
MI Site Reference Administrator
MI Site Reference User
MI ACA Administrator
MI ACA Member
MI ACA Owner
MI SAP Interface User
MI Configuration Role
MI Security Role
MI Catalog Administrator
MI Metrics Administrator
MI Policy Administrators
MI eLog Administator
MI eLog Contributor
MI eLog Viewer
MI Foundation PowerEveryoneThe users have all the privileges applicable to the users assigned to the MI Foundation User role. Additionally, the users can:
  • Save data from the devices in the APM database.
  • Create and manage the Site Reference records.
  • Update, add, and delete the ACA records.
  • View the SAP System records.
  • Add the users to the states.
  • Remove the users from the states.
MI Devices Power Users
MI Devices Users
MI Recommendation Management User
MI Task Manager User
MI Site Reference User
MI Policy Designer
MI ACA Member
MI ACA Owner
MI SAP Interface User
MI Power User Role
MI Metrics User
MI eLog Contributor
MI eLog Viewer
MI Foundation UserEveryoneThe users can:
  • Send and receive data from the devices.
  • Create and manage the recommendations
  • Create and update the tasks.
  • View and create the ACA records.
  • View the KPIs, Scorecards, and Metric Views.
  • View the SAP System records.
MI Devices Power Users
MI Devices Users
MI Recommendation Management User
MI Task Manager User
MI ACA Member
MI Policy User
MI ACA Owner
MI Metrics User
MI SAP Interface User
MI eLog Contributor
MI eLog Viewer
MI Health AdminMAPM Security GroupThe users have all the privileges applicable to the users assigned to the MI Health Power role. Additionally, the users can access the Rounds and Asset Health Manager features.
MI AHI Administrator
MI GE Administrator
MI Lubrication Management Administrator
MI Lubrication Management User
MI Operator Rounds Administrator
MI Operator Rounds Mobile User
MI Policy Administrator
MI Policy Designer
MI Health PowerMI Operator Rounds Mobile UserThe users have all the privileges applicable to the users assigned to the MI Health User role. Additionally, the users can create, update, and delete policies, policy instances, policy recommendations, and health indicator values.
MAPM Security Group
MI AHI User
MI Policy Designer
MI GE User
MI Lubrication Management User
MI Health UserMI Operator Rounds Mobile UserThe users can:
  • Access the Rounds Data Collection mobile features.
  • Create recommendations and acknowledge heath indicators in Asset Health Manager.
  • View policy data.
  • Create policy instances in Policy Designer.
MAPM Security Group
MI AHI User
MI Policy User
MI GE User 
MI Mechanical Integrity AdministratorCriticality Calculator The users have all the privileges applicable to the users assigned to the MI Mechanical Integrity Power role. Additionally, the users have the administrative privileges for the Thickness Monitoring and RBI features and can access the RBI data mapping and reference tables.
MI Inspection
MI Policy Viewer
MI RBI Administrator
MI RBI Analyst
MI RBI Calculation Policy Viewer
MI RBI Recommendation Policy Viewer
MI RBI Risk Mapping Policy Viewer
MI Thickness Monitoring Administrator
MI Thickness Monitoring Inspector
MI Thickness Monitoring User
MI Mechanical Integrity PowerCriticality Calculator
  • The users have all the privileges applicable to the users assigned to the MI Mechanical Integrity User role. Additionally, the users can access the criticality calculator family and RBI features (except data mapping).
  • The users have the view privileges for all the RBI families.
MI Inspection
MI Policy Viewer
MI RBI Analyst
MI RBI Calculation Policy Viewer
MI RBI Recommendation Policy Viewer
MI RBI Risk Mapping Policy Viewer
MI Thickness Monitoring Inspector
MI Thickness Monitoring User
MI Mechanical Integrity UserMI InspectionThe users can access the T-Min Calculator, Archive Corrosion Rates, Exclude TMLs, and Renew TMLs features. Additionally, the users have basic access to the Inspection and Thickness Monitoring features.
MI Thickness Monitoring Inspector
MI Thickness Monitoring User
MI Mechanical Integrity ViewerMI Inspection ViewerThe users have view privileges to all the families used in Risk Based Inspection, Thickness Monitoring, and Inspection Management.
MI RBI Viewer
MI Thickness Monitoring Viewer
MI Safety AdminMI Calibration UserThe users have all the privileges applicable to the users assigned to the MI Safety Power role. Additionally, the users can create, modify, and delete all the records in Calibration Management, Hazards Analysis, LOPA, MOC, and SIS Management.
MI Calibration Administrator
MI Calibration Viewer
MI HA Administrator
MI HA Facilitator
MI HA Member
MI HA Owner
MI Hazards Viewer
MI MOC Administrator
MI MOC Viewer
MI SIS Administrator
MI SIS Engineer
MI SIS User
MI SIS Viewer
MI Safety PowerMI Calibration UserThe user can access the following records:
  • Initiating Event
  • Consequence Adjustment Probabilities
  • IPL Checklist
  • Active IPL
  • Passive IPL
  • Human IPL
  • Asset Safety Preferences

Additionally, the users have all the privileges applicable to the users assigned to the MI Safety User role, and can create, modify, and delete all other records in Calibration Management, Hazards Analysis, LOPA, and SIS Management.

MI Calibration Viewer
MI HA Facilitator
MI HA Member
MI HA Owner
MI Hazards Viewer
MI MOC Approver
MI MOC Viewer
MI SIS Engineer
MI SIS User
MI SIS Viewer
MI Safety UserMI Calibration UserThe users can access the Recommendations, Calibration Templates, Risk Threshold records, Protective Instrument Loops, SIL Assessments, and SIL Threshold records features. Additionally, the users can access, create, modify, and delete all other records in Calibration Management, Hazards Analysis, LOPA, MOC, and SIS Management. In MOC, the users can access, create, modify, and delete General Recommendations.
MI Calibration Viewer
MI HA Facilitator
MI HA Member
MI Hazards Viewer
MI MOC User
MI MOC Viewer
MI SIS Engineer
MI SIS User
MI SIS Viewer
MI Strategy AdminMI AHI AdministratorThe users have all the privileges applicable to the users assigned to the MI Strategy Power role. Additionally, the users have administrative privileges for the Reliability Centered Maintenance, Failure Modes and Effects Analysis, Asset Strategy Implementation, and Life Cycle Cost Analysis features.
MI AHI User
MI ASI Administrator
MI ASI User
MI ASI Viewer
MI ASM Administrator
MI ASM Analyst
MI ASM Reviewer
MI ASM Viewer
MI Calibration User
MI Calibration Viewer
MI Inspection
MI LCC Administrator
MI LCC User
MI LCC Viewer
MI Lubrication Management Administrator
MI Operator Rounds Administrator
MI RBI Analyst
MI RCM Administrator
MI RCM User
MI RCM Viewer
MI SIS User
MI Strategy PowerMI AHI AdministratorThe users have all the privileges applicable to the users assigned to the MI Strategy User role, and the administrative privileges for the Asset Health Manager feature.
MI AHI User
MI ASI User
MI ASI Viewer
MI ASM Analyst
MI ASM Reviewer
MI ASM Viewer
MI Calibration User
MI Calibration Viewer
MI Inspection
MI LCC User
MI LCC Viewer
MI Lubrication Management Administrator
MI Operator Rounds Administrator
MI RBI Analyst
MI RCM User
MI RCM Viewer
MI SIS User
MI Strategy UserMI AHI UserThe users have the view, create, update, and delete privileges for the Reliability Centered Maintenance, Failure Modes and Effect Analysis, Asset Strategy Implementation, Asset Strategy Management, and Life Cycle Cost Analysis features. Additionally, the users have the administrative privileges for Rounds feature, and view privileges for Asset Health Manager and Calibration Management features.
MI ASI User
MI ASI Viewer
MI ASM Analyst
MI ASM Viewer
MI Calibration Viewer
MI Inspection
MI LCC User
MI LCC Viewer
MI Lubrication Management Administrator
MI Operator Rounds Administrator
MI RCM User
MI RCM Viewer
MI SIS User

Obsolete Roles

The following roles have been deprecated:

RoleGroupRole Privileges
MI Analytics AdministratorMI Cognitive AdministratorThe users can view, create, update, and delete cognitions, cognition-related logs, and standard lists.
MI Analytics PowerMI Cognitive UserThe users can:
  • View, create, update, and delete cognitions.
  • View the cognition-related logs and standard lists.
MI APM Viewer

MI AMS Asset Portal Viewer

MI Health Admin

MI AMS Suite APM Administrator

MI Process Data Integration Administrator

The users have all the privileges applicable to the users assigned to the MI Health Power role. Additionally, the users can access the Rounds, Asset Health Manager, Process Data Integration, AMS Analytics, and GE Analytics features.
MI Health Power

MI AMS Suite APM Power User

MI Process Data Integration User

The users have all the privileges applicable to the users assigned to the MI Health User role. Additionally, the users can create, update, and delete policies, policy instances, policy recommendations, and health indicator values.
MI Health User

MI AMS Suite APM User

MI Process Data Integration User

The users can:
  • View GE and AMS Analytics data.
  • Create and modify AMS Asset recommendations.

Access the Security Roles Page

Procedure

In the module navigation menu, select Admin > Security Manager > Roles.
The Security Roles page appears.

Create a Security Role

Procedure

  1. In the module navigation menu, select Admin > Security Manager > Roles.
  2. In the left pane, select .
    The New Role workspace appears, displaying a blank Security Role form.

    -or-

    If you want to create a new subgroup, in the left pane, select the Security Role to which you want to add the subgroup, and then select New Role.

    The New Role workspace appears, displaying a blank Security Role form.

  3. As needed, enter values in the available fields.
  4. Select .
    The Security Role is saved.

What To Do Next

Security Role Records

Security Role records contain information related to each unique Security Role in APM. This topic provides an alphabetical list and description of the fields that exist for the Security Role family. The information in the table reflects the baseline state and behavior of these fields.

FieldData Type Description Behavior and Usage
CaptionCharacterA title or explanation that identifies the Security Role. A property that specifies how the Security Role is labeled throughout the software interface. Note that most captions can be localized.This field is required. You can enter text to define this value manually.

Description

CharacterA detailed description of the Security RoleThis field is optional. You can enter text to define this value manually.
IDCharacterThe ID for the Security RoleThis field is required. You can enter text to define this value manually.

Assign Security Users to Roles

Before You Begin

About This Task

This topic describes how to assign multiple Security Users to a Security Role on the Security Roles page. You can also assign multiple Security Roles to a Security User on the Security Users page.

Procedure

  1. In the module navigation menu, select Admin > Security Manager > Roles.
  2. In the left pane, select the Security Role that you want to assign to the Security User.
    The workspace for the selected Security Role appears.
  3. In the Security Users section, select .
    The Assign Users window appears, displaying the available users.
  4. Beside each Security User that you want to assign the to the Security Role, select the check box.
  5. Select .
    The updated Security Role properties are saved.

Remove Security Users from Roles

Procedure

  1. In the module navigation menu, select Admin > Security Manager > Roles.
  2. In the left pane, select the Security Role from which you want to remove Security Users.
    The workspace for the selected Security Role appears.
  3. In the Security Users section, beside each Security User that you want to remove, select the check box.
  4. Select .
    The selected Security Users are removed.
  5. Select .
    The updated Security Roles properties are saved.

Assign Security Groups to Security Roles

Before You Begin

About This Task

This topic describes how to assign multiple Security Groups to a Security Role on the Security Roles page. You can also assign multiple Security Roles to a Security Group on the Security Groups page.

Procedure

  1. In the module navigation menu, select Admin > Security Manager > Roles.
  2. In the left pane, select the Security Role that you want to add to the Security Group.
    The workspace for the selected Security Role appears.
  3. In the Security Group section, select .
    The Assign Groups window appears.
  4. Beside each Security Group that you want to assign the to the Security Role, select the check box.
  5. Select .
    The updated Security Role properties are saved.

Remove Security Groups from Roles

Procedure

  1. In the module navigation menu, select Admin > Security Manager > Roles.
  2. In the left pane, select the Security Role for which you want to remove the Security Group.
    The workspace for the selected Security Role appears.
  3. In the Security Groups section, beside each Security Group that you want to remove, select the check box.
  4. Select .
    The Security Groups are removed.
  5. Select .
    The updated Security Roles properties are saved.