The Administrator Security screen is used to define the Permitted Tasks and Permitted Administrative Organisation Access for all users who are designated as an administrator. Access to the screen is thorough the Users > Administrator Security tab.
An administrator is first defined by selecting the ‘Administrator’ Role in their user profile. Access to the P2P Admin tab is permitted when this role is selected.
Until permissions are granted within the Administrator Security screen, although the user can access P2P Admin, they are unable to perform any administration tasks.
Administration Permissions
Profile Security
As an administrator with access to Administrator Security, you can set or change permissions for all other administrators within your own permitted organisation access level. You are NOT able to access and change your own administration profile: only another administrator within your organisation (or parent organisation) with similar task permissions can modify your administration profile.
Administration rights are TOP DOWN. This means that an administrator can only administer the organisation that they have been given rights to administer and that organisation’s subordinate organisations, not any of its parent levels.
Flexibility
Not all administrators are granted rights to perform all tasks across all organisational levels. PECOS P2P allows you to define different tasks (menu options) and organisational level access for each administrator, thereby defining different grades and/or organisationally specific levels of administration.
Assigning Administrative Tasks
- Click the Users > Administrator Security tab to open the Administrator Security screen.
- On the Administrator Security page the current administrators are listed in the ‘Administrators’ box. (These are the users who have the role of administrator within their user profile).
- Scroll down the box and click on the administrator’s name whom you want to create or edit.
- To assign permissions:
- In the ‘Available Administrative Tasks:’ box select a task that you want the administrator to perform. Move this task to the ‘Permitted Administration Tasks:’ window
- If you want to grant all administrative tasks to this user, click the >> (move all) button. All tasks will move to the ‘Permitted Administration Tasks:’ window.
- When you have finished, click Update.
- To remove permission:
- Click on the task to be removed in the ‘Permitted Administration Tasks:’ box. . The task will move to the ‘Available Administration Tasks:’ window.
- To remove all tasks, click the << (move all) button. All tasks will move to the ‘Available Administration Tasks:’ window.
- When you have finished, click Update.
Available Administrative Tasks
Most administration tasks are self explanatory and allow access to an administration menu option. The available tasks are listed below with a brief explanation of their access permissions.
- Address Maintenance: Allows access to the Address options in various screens for the maintenance of company, supplier and PCard addresses.
- Administration Audit Trail: Allows access to the Utilities > Audit Log tab.
- Administration of Punchout Data: Allows access to the Punchout screen in the Supplier Profile.
- Administrator Security: Allows access to the Users > Administrator Security tab. This option allows an administrator to create and edit administrator profiles and should be granted only to senior administrators.
- Announcements: Allows access to the Company > Announcements screen to create and manage Announcements.
- Approval Plans: Allows access to the Approval Rules > Approval Plans and Approver Roles tab, allowing the creation and maintenance of approval plans.
- Approval Rule Groups: Allows access to the Approval Rules > Approval Rule Groups tab.
- Archives: This option is not currently used.
- Attachments: This option gives access to the Utilities > Attachments tab and enables the creation and maintenance of system assigned document attachments.
- Budget Editor: When the budgeting module is implemented, this option provides the administrator with restricted access to budgets and budget data. Rights allow full management of inactive budgets but do not allow access to activate or manage active budgets and provide view only rights for alerts and approvals for active budgets. The Financial > Budgeting tab is enabled.
- Budget Manager: When the budgeting module is implemented, this option provides the administrator with unrestricted access to upload and fully maintain budgets and budget data. The Financial > Budgeting tab is enabled.
- Business Rule Groups: This option gives access to the Business Rules > Business Rule Groups tab. This option allows administrators to create and maintain access groups for catalogues, financial tracking codes and procurement cards.
- Catalogue Content Management: This option is provided for future development to allow fully integrated access to the Elcom Catalogue Content Management module. It provides access to the Catalogue > Catalogue Content tab which is a place holder only and provides no functionality at this time. This option should not be permitted to any administrators.
- Catalogue Maintenance: This option gives access to the following tabs. Catalogue > Items; Catalogue > Categories; Catalogue > Collections and Catalogue > Catalogue. This allows full access to catalogue maintenance options.
- Company: This option gives access to the Company > Organisation Maintenance tab, allowing the administrator to add and maintain all organisational data.
- Create Organisation Structure: This option is not used.
- Currency Maintenance: This option allows access to the Financial > Currency tab, enabling the administrator to maintain currency conversion data.
- Document User Field Maintenance: This option allows access to Utilities > User Field Definitions tab, enabling the administrator to create Order and Invoice user defined fields.
- Dynamic Options Maintenance: This option allows access to the Company > Dynamic Options tab.
- Financial Calendars: When the budgeting module is implemented, this option enables the administrator to maintain financial calendars in the PECOS P2P administration module. The Financial > Financial Calendars tab is enabled.
- Financial Tracking Codes: This option allows access to the Company > Financial Tracking Maintenance tab. With this option the administrator is able to maintain and add all financial tracking code data within accounting methods.
- Outstanding Approvals: This option allows access to the Approval Rules > Outstanding Approvals tab. Here the administrator is able to review all outstanding approval objects and optionally reassign to alternate approvers.
- Procurement Cards: This option allows access to the Financial > Procurement Cards tab, enabling the maintenance of all procurement card information.
- Report Groups: This option is not currently used.
- Suppliers: This option allows access to the Suppliers > Profile and Suppliers > User Fields tabs. Administrators are able to edit and create all supplier information.
- Templates: This option allows access to the Company > Templates tab, allowing the administrator to manage all Templates (i.e. delete or change ownership) within their organisation.
- Users: This option allows access to the Users > Profile tab for the administration of all user profiles. Note that access is not given to the Administrator Security sub menu which is a separate permission.
New product releases
When a new PECOS P2P product version is released that contains new functionality contained in new menu options, these options are not automatically granted to existing administrators. A new ‘Available Administrative Task’ will be created that must be granted to appropriate administrators through the editing of their administrator profile. Upon release of a new feature, Client Services will enable new options for the site administrator only.
Assigning Administrative Organisations
After assigning administrative tasks, thereby defining WHAT tasks this administrator is to perform, you must next select WHERE they are to perform their tasks. To do this scroll down to the ‘Permitted Administration Organisations:’ section of the Administrator Security screen.
- To define in what level of the organisation your selected administrator is to have permission to perform their administrative tasks, click on the Add/Remove Orgs button. An Organisation Assignment sub window will open displaying the PECOS P2P organisation tree.
- In the Organisation Assignment window select all appropriate organisations by clicking on the organisation name in the organisation explorer window. Open each subordinate organisational level by clicking on the ‘+’ symbol.
Note that the highest level organisation only need be selected for each organisational branch: all subordinate organisations will be included by default. - You may select more than one organisation. Simply drill into the organisation explorer tree and click on the organisation name. Note that a subordinate organisation of an organisation already selected will not appear as a separate selection, since it is already included by default.
- To remove a selection: highlight the selected organisation in the table and click the Remove button.
- Default Organisation. By default, the first selected organisation will become the administrators default organisation. To change this default, highlight an alternative organisation that you have selected and click the Set Default Organisation button. The new default will appear at the top of the organisational unit selection. The administrators default organisation is explained below.
- When you have finished selecting all the organisational permissions for your administrator click the Finished button. The Organisation Assignment sub window will close and your selections will populate the Permitted Administration Organisations box on the Administrator Security screen.
- Click the Update button at the top of the Administrator Security window to save your settings.
Default Organisation
All administrators must have a Default Administration Organisation. This will define the organisation that all data is saved to when the administrator creates a record in PECOS P2P.
It is important that data is saved to the appropriate organisational level since this affects its access permissions to other system administrators. An administrator will not be able to access a record that is saved to an organisation above their assigned administrative organisation permissions.
Organisation Override
If you are setting administrative permissions for an administrator who has access to an organisational hierarchy or multiple organisations, you can allow the administrator to override their default administration organisation.
To do this, check the Organisation Override box in the Administrator Security window.
This will enable the Organisation button to display in a number of the administration windows. This then allows the administrator to open an organisation explorer window, prior to saving data, and select an organisational level that is not their default organisation. The data record will then be saved to the selected (overridden) organisational level for administration purposes. This override selection will operate only within the administrators permitted organisational permissions.