Currently in the CMP, when I assign a user to a step in the workflow, I have to share the entire Task with that user. Once the task is shared with the user, the user can change the status of any workflow step. This is a problem in an organization with clear distinction of teams/roles. For example, if I have a compliance team responsible for ensuring all assets are compliant with regulations, I want that team to manage the compliance workflow steps and no other users. But with the current way that permissions work, anyone can close the compliance workflow step. It seems that assigning users to workflow steps really only manages notifications, it has no bearing on permissions within the task. Additionally, there isnt even a way for me to see who closed a specific workflow step in any kind of bulk way. I would have to go to the task in question and review the history of the task. I cant create a report to keep track of who is closing steps.