Security permission settings refer to the organizational architecture to grant user control.
Important: The majority of organizational reconfigurations are due to security access levels and staffing scenarios not taken into full account when planning the organizational architecture.
The authority assigned to the user grants access to each area below the user’s organizational level of authority. This information must be factored in when creating authorities and building the organizational structure as this may potentially affect supervisor privileges when approving time, managing, and scheduling personnel.
The image below represents a Fire Department’s typical structure; authorities map to the organizational structure as follows regardless of industry.
Example: Captain Cynthia Peterson has the authority of Staffer Advanced which is set to an organization level of Battalion (Region). She has an Assignment in Battalion One. Based on the organizational structure in the preceding image and her assignment area, she can only affect station and unit records contained within Battalion 1.
Therefore, it is very important that resources have assignments within their supervisor’s organizational command level in the application business structure.
Consider the following before you build the organizational architecture:
- Determine staffer access levels to prevent having to give staffers too much access.
- Build the structure in the application so that employees have assignments under their supervisors’ command level.
- Factor What if...scenarios, for instance consider when a user who approves time-off is out on extended leave, who then approves the time-off and where do they fall in the organizational structure? Can the substitute approve records in a different station, area, unit and so on? The business structure must encompass approval levels. Simply put, don’t create X independent agency and place an approver in X agency when they need to approve agency Y, but not agency Z. Doing so would force you to bump the approver’s security access up to the Institution level that could include Y and Z agency - which opens access to Z agency.