What is a breakdown?
Breakdowns enable you to group or filter indicator scores by a qualitative attribute such as Priority, Category, or Assignment Group. You can apply a breakdown on the Analytics Hub, in KPI Details, and on dashboards.
The values for each breakdown are called breakdown elements. For example, the Priority breakdown may have the elements Critical, High, and Low. Breakdowns are categorized as automated, manual, or external, depending on where these elements come from. Automated breakdown elements are specified in breakdown sources. Manual breakdowns have their elements entered manually to define an organization. Lastly, an external breakdown specifies the JDBC data source and SQL statement for retrieving breakdown elements.
Why is this an issue?
In a instance, a breakdown may report multiple elements within different departments; such information and its values are likely to contain sensitive information that should only be visible for managers like employee payrolls, incidents, project costs, etc.
How do I fix it?
All breakdowns that contain sensitive information should have their visibility restricted by Roles or Groups and Users. To implement this:
In the Access control tab, set who can see the breakdown, in either of the following ways:
- Restrict visibility by roles: Unselect Visible by all roles and select the Roles that are required to access the breakdown.
- Select the Groups and individual Users who can access this breakdown: You can select groups or users from a list, and you can select users by email address
These restrictions apply in all cases: seeing the breakdown in the list of breakdowns, seeing the breakdown in an Analytics Hub or dashboard, or using the breakdown when creating a widget.