To configure this feature:

1. Ensure the following features are configured:

   • Managing Users in Align
   • Using Functional Profiles
2. Navigate to Admin > Users & Groups > Permission Sets.
3. Select the appropriate Permission Set.

4. Select Objects.

5. Grant the following permissions:

   Object	Object Permission	Object Types	Fields	Field Permission
   crm_security_policy__v	CRED	All	All	Edit
   aln_functional_profile__v	CRED	All	crm_security_policy__v	Edit
   aln_roster_member__v	CRED	All	crm_security_policy_override__v crm_imported_security_policy__v	Edit

6. Navigate to Admin > Configuration > Objects > aln_functional_profile__v > Layouts.
7. Place the crm_security_policy__v field on the appropriate layouts.
8. Navigate to Admin > Configuration > Objects > aln_roster_member__v > Layouts.

9. Place the following fields on the appropriate layouts:

   • crm_security_policy_override__v
   • crm_imported_security_policy__v
10. Ensure the crm_security_policy_override__v field has an active outbound field mapping in the integration with Vault CRM.

When the next import occurs, active security_policy__sys records import as crm_security_policy__v records with the following properties:

• name__v = The value of the name__v field from the corresponding security_policy__sys record
• status__v = active__v
• crm_security_policy_status__v = active__v
• vault_crm_record_id__v = The value of the id field from the corresponding security_policy__sys record

Assigning Security Policies to Functional Profiles

Once security_policy__sys records have imported as crm_security_policy__v records, Align operational users can assign a security policy to multiple users at once using functional profiles:

1. Edit the appropriate aln_functional_profile__v record.
2. Use the CRM Security Policy field to search for and select the appropriate crm_security_policy__v record.
3. Select Save.

If a security policy associated with one or more functional profiles is deleted, the corresponding crm_security_policy__v record is not deleted during the next import. Instead, an error displays in the import log informing admins that the crm_security_policy__v record must first be disassociated from all functional profiles.

Manually Overriding a Roster Member's Security Policy

By default, individual roster members' associated security policy is inherited from their associated functional profile. However, Align operational users can override this functionality with a specific security policy per aln_roster_member__v record.

Roster members must be designated as Align-mastered in order to manually override their security policy.

To override a roster member's security policy:

1. Edit the appropriate aln_roster_member__v record.
2. Use the crm_security_policy_override__v field to search for and select the appropriate security policy.
3. Select Save.