AI Advisory

Access Rules

Define who can access protected capabilities and knowledge.

Purpose and access

Access Rules enforce authorization by role, department, resource, or other configured conditions. Only designated administrators should change them.

Access Rules page

Review or change a rule

  1. Open Access Rules.
  2. Locate the rule and verify its resource and current scope.
  3. Identify the users, roles, or departments affected.
  4. Confirm the business owner has approved the change.
  5. Apply the smallest permission set that satisfies the requirement.
  6. Save and test with an appropriate non-administrator account.
  7. Review Audit Logs to confirm the change was recorded.

A broad rule can expose confidential documents. Record the reason, owner, and review date for every access exception.

On this page