‘System permissions’ is used throughout Activ’s user guides to refer to the level of access that is required to view a page or complete an action. It describes the level of authority that a user has within your system, and can be fully customised for each employee. In addition, these permissions are set separately for each module that is included within your package, and in many cases it is possible to individually set permissions for each component within a given module (e.g. for the Controlled Documents and Records Libraries within the File Manager module). This allows you to fully tailor your users’ access according to each individual’s role or seniority within your company.
Since an individual’s role may change over time, Activ enables you to modify each user’s permissions as often as required, allowing you to ensure that their access level always matches their role’s requirements. In addition, the system includes a formal review feature that allows you to schedule regular reviews of your user’s permissions, helping you to ensure that your employees’ access is always appropriate to their role (see Formal Permissions Reviews – Overview).
If further security is required, then you have the option to add the Teams module to your system (contact your Reseller, consultant, or the MyActiv sales team for guidance). This module adds extra controls over who can access content by limiting your employees to the data that is tagged to their own Team, or to those Teams that they manage. Note that System Permissions will determine which modules a user can access and at what level, whilst Teams will control what is visible within the modules an individual can access. See the Teams user guide for more information.
Note that only users with ‘Admin’ rights (see below) to System Administration: Administrator can edit a user’s system permissions. These individuals can change the permissions for all modules and all users, including themselves. See View a User’s System Permissions and Edit a User’s System Permissions for more information.
*****
There are four main levels of system permission, and these are universal to all of Activ’s modules. For simplicity, each permission level provides the same degree of access regardless of which module it is applied to (i.e. ‘edit’ access to File Manager is functionally the same as ‘edit’ access to Improvement Logs). The main permissions are:
- None – the user has no access to the module. They will not see the module in their main menu, and will not be able to view its content.
- Read Only – the user can access the module and see all of its content (excluding Private items), but cannot change anything within that module. Note that the Tasks module is an exception to this, as Tasks allow users to create and manage individual Tasks for themselves even if they are set to ‘Read Only’ (see Create a Task for more information).
- Edit – the user can access the module and see all of its content (excluding Private items), and also has the ability to modify and review this content. Note that items such as Improvement Logs, Incident Reports, Supplier Assessments, and Legal Compliance evaluations can only be assigned to people with Edit or Admin permission.
- Admin – the highest permission level. Users with this permission have access to the module’s settings, can create and modify templates within modules such as the Audit Manager, and can delete or compress items within the module.
Note that these system permissions will interact with the Teams Hierarchy if your package includes the Teams module, and that they may be overwritten for specific items (i.e. individual folders, processes, etc) if those items are marked as Private. Where an item is Private, access is controlled by the item’s individual Access Rights instead of the user’s normal system permissions (see Private Items – Overview).
In addition to these permissions, Activ provides many modules with one further level of access. This final level allows you to control who is able to export data from each area of your system, and is:
- Can Export? – many Activ pages offer the facility to export your raw data to a .csv file for in-depth analysis, or for the purposes of backing up your system. To protect your data, this ability is controlled separately from the main system permissions. If you wish to allow a user to export data from a given area of the system, you must tick the Can Export? box in their System Permissions for that area. This will allow them to use the Export feature within that module.
*****
Action-Specific Permissions – Improvement Log only
Uniquely in the Improvement Log module, Activ offers an optional additional layer of permissions to allow you to control your users’ authority to carry out specific actions. These override the standard module-level permissions for that action (i.e. a user with ‘Read Only’ permissions will be able to create Improvement Logs if given permission to do so within the Who has permission to add Improvement Logs parameter), and exist to provide you with additional control over who can complete each of the module’s key actions.
The Improvement Log’s action-specific permissions are configured within the module’s Settings tab, and are described in detail in: User Permissions for Improvement Log 2 – Action-Specific Permissions.