1. Distinction Between Read-Only and Editable Content

The system shall enable specifying which information can be changed/modified in the textual business process knowledge base and which cannot be changed and must be kept as provided from the business process model.

Some of the knowledge information will be derived from model and should only be modified there by appropriate people to ensure proper governance and compliance. Also, it might be that specific information needs to be changed only in the model, e.g. process ID and name probably cannot be changed, while its description, links to external documents and similar information can be modified in a knowledge base.

2. Content Governance Based on User Permissions

The system shall support user permissions for views and editing contents.

In public administration sector it is unlikely that everyone is able to see and edit everything.

3. Information Access Autorization Based on Roles and Permissions

The system must protect the access to information so that only authorized users can access to a given set of data for reading or editing

This is related to roles in the public administration. Civil servants that are learning might be evaluated by their managers, so only managers must be able to access data related to what the civil servants are doing (e.g., results of the assessments of their acquired knowledge)  It should not be possible, for example, for a civil servant to look at the results of his collegue

The full scope has yet to be determined

The environment shall have a structure for implementing permissions and access rights for viewing and editing content. There shall be certain information in the textual business process model knowledge base which should be protected from change.

-