Best Practices

There are many ways to approach application access and security role definitions. The security framework is designed to provide the flexibility to meet the specific application security needs of your organization. To help you achieve a well conceived security model, consider the following best practices:

If you assign a security role permission to edit the properties of a work item in the work item hierarchy, that permission will be inherited by all of that work item's children. It is possible to restrict permission to edit an work item's children, but it is not possible to restrict permission to view an work item's children.