Role security

The Role security page allows administrators to control user access to system functions and data based on the role or position of a user within an organization to ensure that users can only access the data and functionality that they need to perform their job duties.

In Financial Consolidation, a role-based security system, access control is based on the specific roles or positions that users hold within an organization. Users are assigned to roles that correspond to their job duties and responsibilities, and each role is associated with a specific set of permissions and access levels. Using the Roles Security page, some customer account administrators can reduce the default rights given to a role.

To access the Roles Security page, click Administration > Security > Roles Security.

A role is a grouping of permissions assigned by administrators to users or group of users. A role consists of a name, description, permissions, and scope. Administrators have the ability to restrict the scope of a role by specifying permissions (Read, Write) that are applicable to menus and pages in the application.

The application includes four default roles:

  • Administrator. This is the system owner or primary user. This role has access to the Administration menu and controls user access and system security.

    An administrator is a user who has the highest level of access to the application. Their role is to manage the overall operation of the system and ensure that it is functioning properly. This includes installing and configuring hardware and software, managing user accounts and permissions, monitoring system performance, and resolving technical issues. Administrators are responsible for ensuring the security and stability of the application.

  • Consolidators. Consolidators include controllers at parent companies and senior accountants. This role has access to all the menus except the Administration menu.

    A consolidator is a user who is responsible for combining financial data from multiple sources into a single report or financial statement. This can involve consolidating financial data from different subsidiaries or business units within an organization, or from external partners or vendors. The role of the consolidator is to ensure that the financial data is accurate and complete, and that it is presented in a clear and concise manner

  • End user. A user or end user is typically the accountant of a child company. This role’s access is limited to their company only. Users in this role have access to the Data Entry menu; can import data, and enter journal entries. However, they cannot run consolidations or make changes to configurations.

  • Auditor. Users in the auditor role have the same access as consolidators. This role can be configured to have full or restricted data entry access.

    An auditor is a user who is responsible for reviewing and evaluating an organization's financial statements, systems, and processes to ensure that they are accurate and comply with relevant laws, regulations, and standards. Auditors may be internal or external to an organization.

Default access granted to roles

In Financial Consolidation, user roles are granted default access to specific menus /pages. For example, the End user role has access to the Data Entry menu and all associated pages.

Default user role access can be found in the Full: Read and Write columns of each role.

Default access cannot be modified by the administrator. However, the administrator can, if required, restrict the access of user roles in the application. See Restrict user role access.

Restrict user role access

Administrators have the ability to override the default user role access that gives a group of users full access to specific menus and pages. Using the Resticted column, an administrator can restrict the access of a group of users to menus and pages in the application depending on the needs of their organization.

Administrators can do the following:

  • restrict user roles to read only

  • remove read and write access

To restrict user role:

  1. Click Expand all to display all the menus and sub menus.

  2. Look for the menu or page to which you want to restrict user role access.

  3. In the Restricted column for the page or menu, you have these options:

    • To give the user role read or view only access, select Read.

    • To restrict the user role from gaining full access, clear the Read and Write check boxes. This will remove the full access of users in that role and will no longer be able to access the menu /page.

  4. Click . To apply the restrictions, you need to update the profiles of the users in the user role on the Customers/Users page.

  5. On the Customers/Users page, click on the login ID of the user.

  6. In the Customers tab, look for the customer (company) to which you want to restrict the user’s access and click to display the user’s details.

  7. In the Details pop-up window, ensure that the role you want to restrict is selected in the Role field and select Restricted.

  8. Click .