View Changes to a User’s Permissions – the Permissions Change Log

Over time, it is likely that you will have a need to change some or all of a user’s permissions in order to give them access to additional areas of your system, or remove access to areas that they no longer need for their job role. This may be done on a temporary basis (e.g. to allow them to complete a specific one-off task) or permanent bases (e.g. due to role changes), and may occur either ad hoc or as part of a Formal Permissions Review. As a user’s permissions determines both what modules they can access and what they can do within those modules, it is important for you to keep track of any changes that have been made to that access, and that you are able to quickly identify when and by whom the changes were made. This is especially important where you have multiple System Administrators (i.e. users with ‘Admin’ to System Administrator: Administration), as all of those users will be capable of changing both their own permissions and those of any other user in your system.

To help you keep track of any changes, Activ maintains an automatic log of every change that is made to your user’s main system permissions. This information is stored within a dedicated Permissions Change Log, and can be reviewed at any time by anyone with ‘Admin’ permissions to the System Administration: Administrator area.

 

*****

 

To view a user’s Permissions Change Log, open the individual’s record on its Login Permissions tab and click on the Permissions Change Log button in the blue banner along the top of the tab.

Activ will open a register displaying any changes that have previously been made to the individual’s system permissions. Each change will be listed on its own line within the register, and all changes will be displayed chronologically by the date on which they were made. By default, all changes to the individual’s permissions will be included within the register, but if required you can user the filters at the top of the screen to narrow the results by a specific permission area, whether or not the change was made during a formal review, and when the change was made.

Each row within the register will contain the following information:

Changed Date – the date and time on which the change was made.

Changed By – the username of the person who made the change.

By Proxy? – in most cases, this column will be set to ‘No’ to identify the fact that the change was made by a normal user of your system. However, if a consultant or Reseller supports your management system, or a member of the technical support team is asked to assist you, they will typically log into your system by proxy rather than directly. If they modified a user’s permissions whilst proxy logged in, then ‘Yes’ will be displayed within this column to indicate that they are not a normal system user. This column is provided to give 100% traceability of who did what and when.

Permission Area – the area of the system that permission was changed for.

Previous Level – the permission level that was previously set for this area.

New Level – the level that the permission area was changed to.

Can Export? – whether the user was able to export data from the area after the area’s permissions were changed.