What are some best practices for setting up corp roles to balance peoples need for access with the security of the corp as a whole?
xkaraxis [ Editor ]
Without more details it's hard to give a detailed answer, but generally just don't be lazy.
To protect yourself and your corp members, make sure you aren't giving anybody more access than they absolutely need.
Use all seven available divisions to divide up your assets these aren't just for keeping your ammo and loot separate. Also consider the level of hangar access, you can set view/take/drop access separately so do so. Container access can be configured separately (i.e. somebody can take stuff from a hangar but not from a container in that hangar).
Similarly you can use the Junior Accountant role to allow somebody to view the wallet to balance your books but they can't take the isk.
Starbase hangars follow the same access rules as station hangars except that things can't be locked down. Ship Maintenence bays are all or nothing access so it may be best to not use them unless you have to.
If you want to streamline role assignment somewhat, you can create titles that are a combination of roles and then assign the titles to corp members. This is a goos way to avoid mistakes in assigning roles.
Lock down your BPOs. If they are locked they can only be taken out of the hangar after shareholders have voted AND the CEO has ratified the vote.
Directors can access everything. Don't assign this role unless you absolutely trust the person. Like, you would let them stay at your house while you are away level of trust.
Before you assign roles or titles for the first time test them with an alt. This can be done with a trial account and can save you a lot of pain.