Roles & Permissions Overview

This page provides a comprehensive overview of all system roles, their permissions, and access levels across different features and modules.

Role Hierarchy

The system follows a hierarchical structure with increasing levels of access and responsibility:

Administrative Level

Highest level system access and configuration control.

Admin Admin - Full system access and configuration
Ops Support Ops Support - Operational support and user management

Management Level

Operational leadership and team management roles.

Ops Manager Ops Manager - Team and operational management

Detailed Role Permissions

Administrative Roles

Admin

Admin Full system administration and configuration access.

Overview Permissions:

✓ Dashboard
✓ Operational Tracker
✓ CIPHR Integration
✓ Lieu & Holidays

Scheduling Permissions:

✓ Rota Management
✓ Submit Request
✓ Submitted Schedules
✓ Schedules

Management Permissions:

✓ EOS Actions
✓ Manage Request
✓ Account Management
✓ Create User Accounts
✓ Team Management
✓ Configuration Centre

Key Capabilities:

Create and manage all user accounts
Configure system roles and permissions
Full access to all operational features
System configuration and maintenance

Ops Support

Ops Support Comprehensive operational support with user management capabilities.

Overview Permissions:

✓ Dashboard
✓ Operational Tracker
✓ CIPHR Integration
✓ Lieu & Holidays

Scheduling Permissions:

✓ Rota Management
✓ Submit Request
✓ Submitted Schedules
✓ Schedules

Management Permissions:

✓ EOS Actions
✓ Manage Request
✓ Account Management
✓ Create User Accounts
✓ Team Management
✓ Configuration Centre

Key Capabilities:

Support all operational users
Manage user accounts and requests
Create EOS tasks and assignments
Access to most system features for support

Management Roles

Ops Manager

Ops Manager Direct team management and operational coordination.

Overview Permissions:

✓ Dashboard

Scheduling Permissions:

✓ Rota Management
✓ Submit Request
✓ Schedules

Management Permissions:

✓ Allocated Contracts
✓ Assigned Events
✓ EOS Actions

Key Capabilities:

Direct team management
Contract allocation and management
Event coordination and assignment
Day-to-day operational oversight

Feature Access Matrix

Feature	Admin	Ops Support	Ops Manager
Dashboard	✓	✓	✓
Operational Tracker	✓	✓	✗
CIPHR Integration	✓	✓	✗
Lieu & Holidays	✓	✓	✗
Rota Management	✓	✓	✓
Submit Request	✓	✓	✓
Submitted Schedules	✓	✓	✗
Schedules	✓	✓	✓
EOS Actions	✓	✓	✓
Manage Request	✓	✓	✗
Account Management	✓	✓	✗
Create User Accounts	✓	✓	✗
Team Management	✓	✓	✗
Configuration Centre	✓	✓	✗
Allocated Contracts	✓	✓	✓
Assigned Events	✓	✓	✓

Permission Levels Explained

Full Access (✓)

Complete access to feature with all capabilities.

Can view, create, edit, and delete
Access to all sub-features and options
Can manage other users’ data in the feature
Full administrative control within the feature

Limited Access (◐)

Restricted access with specific limitations.

Can view own data and team data
Can edit own submissions and assignments
Cannot modify other users’ data
May have read-only access to some areas

No Access (✗)

Feature is not available to this role.

Cannot view, access, or interact with feature
Feature does not appear in navigation
No permissions within the feature area
Must request access through appropriate channels

Role Assignment Guidelines

Administrative Roles

Guidelines for assigning administrative access.

Admin: Reserved for system administrators and IT personnel
Ops Support: For dedicated operational support team members
Limit Assignment: Keep administrative roles to minimum necessary
Regular Review: Audit administrative access quarterly

Management Roles

Guidelines for operational leadership assignments.

Hierarchy Alignment: Match system roles to organizational structure
Responsibility Scope: Ensure role permissions match job responsibilities
Team Leadership: Management roles should align with team leadership
Succession Planning: Plan for role transitions and coverage

Security Considerations

Security Best Practices

Principle of Least Privilege: Grant minimum necessary permissions for job function
Regular Access Reviews: Audit user permissions quarterly and remove unused access
Role Documentation: Maintain clear documentation of role purposes and responsibilities
Change Management: Require approval for role changes and permission modifications
Monitoring: Track role assignments and access patterns for security compliance

Common Role Scenarios

New Employee Onboarding

Standard role assignment for new team members.

Start Basic: Begin with Ops Manager role for management personnel
Training Period: Provide limited access during initial training
Gradual Expansion: Increase permissions as competency grows
Mentorship: Pair with experienced team members

Promotion and Role Changes

Managing role transitions and promotions.

Gradual Transition: Phase in new permissions over time
Training Requirements: Ensure training before granting access
Old Role Cleanup: Remove previous role permissions appropriately
Documentation: Update role documentation and team structures

Temporary Coverage

Handling temporary role assignments and coverage.

Temporary Access: Grant time-limited permissions for coverage
Clear Duration: Set specific start and end dates for temporary roles
Documentation: Record reason and duration of temporary access
Automatic Cleanup: Remove temporary permissions when period ends

Getting Help

If you need assistance with roles and permissions:

Check this guide for standard role capabilities and access levels
Contact Ops Support for permission-related questions and issues
Request role changes through your manager and HR processes
Report access issues to Admin team for technical resolution