Super User Authority
To add a new User, you must be a Super User for your business. The pre-requisites for being a Super User (also known as systems administrator) are that you are both:
- a senior trusted manager, probably a board director, and you understand the business an its processes
- You are a numerate computer literate and understand the business systms implications of giving different staff levels of authorisation to dotheir job
- You can effect change manangement in the organisation so that the written policies, business practice and commercial contracts all dovetail with the system you manage.
How to access User Admin
For Super Users, User Admin is to be found in the Admin menu. It is not visible or accessible to users who are not designated Super Users.
User Admin Permissions
This reference provides details of what all the permissions settings allow your users to do. It is a brief overview and it is expected that the Suepr User brings to it knowledge of the way the system has been customised for the organisation and the roles of staff for whom they are granting and revoking permissions.
NB AXLR8 support consultants are not allowed to add or change user access for you. However, our Support team are happy to help your named Super Users with the matter over the telephone or on a screenshare. Our staff cannot know who is and is not allowed to log in and perform different functions. Only your management know that. Also, there is the question of accountability. If a person could simply contact our support and say: “……add Sally as a user”, we often cannot authenticate the caller as your authorised representative. If we can authenticate the caller, and they are a Super User, they could have logged in and make the decisions themselves. The user acces they provide will be store in the audit trail. For example, we cannot be held responsible if the wrong finance permissions are provided to a user and the user does something fraudulent.
Staff Changes
You need to have a procedure for when staff join. You also need to have a procedure when staff leave. Any user who leaves your business should be retired from the system so that they cannot log in. Part of your business responsibilities as DC (Data Controller) under GDPR is to assure your systems access is restricted employees to the appropriate views of data for their job role. Check you have no ex-employees left in the active users list.
Conversely, as staff members change roles, you can add or change the permissions they have accordingly.