More Specific CAP Permissions (Create, Read, Update, Delete)
Currently, the "Can Manage CAPs?" checkbox allows a user to both Add and Delete CAPs. Allow for an Admin to specify if the user should be able to Create, Read, Update, and/or Delete CAPs.
Provide the ability to restrict visibility of CAPs by assessment ownership.
Subscriber should be able to assign read/write/edit permissions to each CAP.
CAP visibility would be restricted so that standard users would not see CAPs generated against assessments they are not assigned to.
Add a "organizational" and "assessment only" CAP identifier.
Using the custom role configuration, you can select full access or read only access to the CAP module.
Lat Kennedy commented
Enhanced access rights allows for reduced unauthorized changes to the data. Data is more secure and represents the true state of the information.
Brian Scheuber commented
Custom and/or itemized permission capabilities for a topic such as CAPs is very important. Minimum necessary permissions should be set to avoid unauthorized disclosures as well as prevent any unauthorized modifications. So yes I am in favor of this modification to grant Admins greater flexibility with permissions.