As part of the intelliHR platform, there are default permission groups that can be assigned to provide platform access to members of your organisation. Through the Permissions area in Settings administrators, using Strategic HR, have the ability to review the access provided by individual permission groups and also amend or add additional groups. The article below is designed to help administrators understand how to review and confirm current access, and if required create new permission groups.
This article covers:
Default Permission Groups
To view the default permission groups preset on your intelliHR platform, navigate Settings >> Permissions.
Strategic HR customers will see five available permission groups that can be assigned to employees and these are:
- Staff Member - these are the standard permissions for all team members. Staff Member permissions also include supervisor permissions. This is possible because intelliHR permissions work on the ability to view own (your own record), view subordinates (anybody that appears below you in the reporting tree) and view all. This permission group includes the option to view subordinates as needed by a manager, but this will only come into effect if there are employees reporting to that person.
- View and Manage Training Records for All - this simple but common permission group can be added to team members responsible for monitoring and recording training for employees across the organisation.
- HR Manager (Remuneration restricted to subordinates) - this permission group is designed for HR managers who may work in larger HR teams and should be able to complete administration tasks but should not have access to remuneration data for all employees. In conjunction with delegated access, this permission group allows you to provide members of the HR team wide-ranging access but crucially not the ability to view rem data or sensitive manager's log items about colleagues in the same team.
- Finance Team (Assign Analytics access to this group to allow finance access to reporting) - this permission group is primarily designed to be assigned to finance team members so that within Aanalytics access to remuneration analytics can be provided to all members of this permission group.
- System Administrator (Locked) - the system administrator permission group is locked and cannot be amended. Access to any new permissions will automatically be added to this permission group and those with this level of access and see and do everything on the platform.
Reviewing User Access
intelliHR has provided several ways for system administrators to review user access via permissions. These are:
- List Permissions... - This provides a list of all permissions enabled for the specific permission group.
- Assigned to... - This provides a list of all the people assigned this permission group.
- Assume as... - This allows the system administrator to assume a specific permission group as a particular person in order to see what that person sees when they log in to intelliHR.
To check what a team member can/cannot see and do on intelliHR it is recommended you follow the process below:
Checking Access
1. Navigate to the Profile of the team member whose access you want to check
2. Go to their User Account
3. Note the Permission Group assigned to them
4. Go to Settings >> Permissions
5. Click on the 3 dots to the right of the permission group assigned to that team member (as seen in step 3)
6. Assume as...
7. Select the name of the person you wish to assume as, and select Assume
8. You will see a banner at the top of the page stating the permission group you are logged in with and you can now click through the platform to test what, and who, this specific user can see and do when assigned this permission group.
Amending/Adding New Permission Groups
In the event you wish to amend an exisiting permission group follow the steps below:
1. Navigate to Settings >> Permissions
2. Click on the 3 dots next to the permission group Staff Member >> Duplicate
Note: It is possible to create permission groups from scratch and add specific permissions such as 'View Diary Notes', and then add this permission group to the team members user account, effectivily layering their access; however, by duplicated your staff member access that will form the base level of permissions for your users and adding or removing permissions from this duplicate the process of checking user access will be much easier because you will be able to follow the steps in the 'reviewing user access' section to check permissions.
3. Click on the new duplicated permission group (this will display with 'copy' on the end of the group name).
4. Select Edit
5. Amend the permission group name
6. Search Permissions for the additional permission you would like to provide and tick Allow on these
7. Once complete select Save
8. Once the new permission group is saved, follow the steps in the section 'Reviewing user access' to confirm the permission group will provide the correct level of access.
9. Assign the new permission group to the individuals that should have this amended access. This action can be completed via Settings >> User account or via the employee's Profile >> User Account.
If you wish to amend access for all employees it is suggested you follow the steps in this section and once you are happy with the level of access you can amend the original permission group to match your duplicate. This will allow you to test the amendments to the permission group prior to amending access for all.
Comments
0 comments
Please sign in to leave a comment.