Using this role Corporate and Enterprise subscribers will be able to modify meta-data of components. This role is a powerful setup and it may have a massive impact. So please choose the assignment of the role wisely. The role is not required to use TrustSource but it may be used to speed up management of component meta-data, which remains a massive pain.
PLEASE NOTE: It will be required to accept additional terms. In case of questions feel free to reach out to our support team or your account executive.
Assigning the Role
To assign the role to a user, you must have subscribed to either a Corporate or an Enterprise subscription. In these subscriptions a user with "Account Admin" privileges can assign a user the role of Company Component Manager. Therefor go to > ADMINISTRATION > USER MANAGEMENT and select the user you want to assign the role. In the "Roles" section start typing or select the role from the dropdown. The system will confirm the successful assignment with a toaster message.
The user should be prepared that he will have to read and agree specific terms associated with the execution of the role. If you want to accompany the information about the role assignment with the information that the user will be allowed to agree to these terms, you will find the terms here (DE/EN), so you may let them being approved by your legal department upfront.
Using the Role
Given you have assigned a user the role of Company Component Manager, this user will have an additional report in the > INTERNAL > ANALYSE section called Critical Components. This report needs to be used.
At first Login
Before you start using the role, the first time, the user will have to confirm, that he understood the impact the role might have. Therefor a confirmation screen will be presented. There the user will be able to see the terms in German and English as well as to confirm that:
- He has read and understood the conditions under which he is using the role
- That changes will take effect immediately and may have consequences on the legal interpretation of following scans
- That he is aware that his activities will be logged to create the ability to revert activities but also to create a sense of responsibility
This will be required only the first time he is executing this report. However, it is a prerequisite to get access to the role's capabilities.
Changing Component Data
After confirming the understanding, the user will be able to initiate the Critical Components report in the INTERNAL > ANALYSIS section of the platform.
The report symbol will only be visible to the users with the role Company Component Manager.
The report follows the schema as most of the other reports. Select a project you want to support in the upper right corner and the report will list all components with insufficient meta-data. Clicking on the component name TrustSource will carry you to the default component details form with the right to modify the component as desired.
To learn more about component meta-data and component research, please refer to the compliance manager training.
PLEASE NOTE: The current implementation does not allow to make public components private. Please contact our support team to cover this case as it will require additional research.