Documentation Index

Fetch the complete documentation index at: https://docs.staedean.com/llms.txt

Use this file to discover all available pages before exploring further.

Security compliance

  • Published on Jun 25, 2026
  • 3 minute(s) read
Prev Next

Regulated industries require strict segregation of duties in all the activities/processes classified as GMP-critical that impact the quality of manufactured products.

By using STEADEAN Security and Compliance Studio (SCS), it is possible to fulfill the GMP guidelines related to segregation duties via configuration. This feature allows users to set up permissions depending on criteria.

Steps

To set up security compliance rules, users need to:

  1. Go to Security and compliance > Setup > Security compliance.

  2. In the Overview tab, create a new line and fill in the following information:

    1. Restriction code: alphanumeric value.

    2. Description: description of the restriction rule, for example, “Disable default order settings based on the item approval workflow”.

    3. Form name: form to which the restriction applies (for example, InventItemOrderSetup).

    4. All roles except: if enabled, the security compliance rule applies to all roles that have access to the selected form except those listed in the Roles Tab. If disabled, the security compliance rule applies to all roles listed in the Roles Tab.

  3. In the Roles tab, add the roles the security compliance rule applies or does not apply to, based on the All roles except checkbox.

  4. In the Data Source tab:

    1. Create a new line and select the table to which the restriction applies.

    2. Select one of the available options in the Access level dropdown menu:

      • Default: the default table access set for the role is not modified (for example, if the role has Read access to the form, it will still have Read access).

      • Disable selected: only the fields selected in the Fields tab are disabled.

      • Disable all except: all the table fields are disabled, except those listed in the Fields tab.

      • Read: the default access to the selected table is modified to Read access.

      • Edit: the default access to the selected table is modified to Edit access, but it does not allow to create/delete records.

      • Create: the default access to the selected table is modified to Create access, but it does not allow the deletion of records.

    3. Click the Query button to define any criteria to identify records to which the restriction applies (for example, based on the approval status of the item) and click OK. If the restriction applies to all records, leave the query empty.

    4. If Access level is “Disable selected”, list the fields to block in Datasource fields section. If it’s “Disable all except”, list only the fields to allow. all others are blocked.

  5. In the Form controls tab, select any specific controls (for example, buttons) that must be disabled for the defined data source by selecting them from the dropdown menu.

To apply the restriction, activate the security compliance rule by clicking the Activate button. Active security compliances cannot be edited. it is possible to deactivate them to apply the needed modifications.

Note

If Security and Compliance Studio (SCS) is not available, it is possible to use the legacy Security compliance form as part of the Life Sciences Supply Chain Management module. To use this feature, turn on the “Security compliance” configuration key and go to System administration > Security > Security compliance. Users may encounter minor differences compared to the SCS feature.

Here are some important considerations:

  • Performances might be impacted as the number of security compliance rules increases.

  • In the case of multiple roles assigned to the same user, the security compliance is aligned with the standard security logic, meaning that the role with the highest permission prevails.

  • Security compliance may not work if it is configured for forms and fields with built-in logic (for example, inventory dimensions).

Example

Scenario: Users are not allowed to unblock an item for purchasing (that is, update the Stopped parameters in the Default order settings form for an item) before the item approval workflow is completed.

Security compliance setup:

  • Form name: InventItemOrderSetup

  • All roles except: Yes

  • Roles: System administrator

  • Data source: InventItemPurchSetup

  • Access level: Disable selected

  • Query:

    • Table: Items

    • Field: State

    • Criteria: Completed

  • Field: Stopped

  • Form controls: blank

  • Active status: Active

The configuration means that all the users except the ones associated with the “System administrator” role will not be able to update the Stopped parameters in the Default order settings form > Purchase tab, thus unblocking the item for purchasing, before the item approval workflow is completed.

Steps

  1. Access the system as a user associated with the defined role (for example, “Product designer”).

  2. Go to Product information management > Products > Released products and select an item for which the approval workflow has not yet been completed.

  3. Switch to the Manage Inventory tab and click Default order settings.

  4. Verify that the Stopped checkbox in the Purchase order tab is disabled where the query condition is matched. Stopped checkboxes in the Purchase order, Inventory, and Sales order tabs are disabled where the query condition is matched.