Role Based Access
All users of the system will have a role that determines what features they are able to access and use. In all there are sixteen roles, however many are very specific and are appropriate for use in larger and more complex entities.
Roles can be used to ensure users only have access to those features that they require to perform their duties. This provides exceptionally strong security, segregation of duties and control.
In many instances for a smaller entity the appropriate role will be the Controller, as this provides access to all features of the system. The other very common role will be the Regular User, as this is the one that allows for input and management of simple day-to-day business transactions. If you are the person that has set-up an entity you will almost certainly wish to take the Controller role. If you subsequently grant access to the system for others that work with the entity then making them a Regular User or Enhanced User role may be appropriate. A person that runs the payroll will need the Payroll Administration role. An initial role must be set when a user is granted access to an entity in the first place. This may subsequently be amended. Roles that have the right to amend the roles of other users are:
- Controller
- Accountant
- Business Administrator
Roles and aspects of UK GDPR
The Donations, Personnel and Payroll functions of the system hold "personal data" as defined under GDPR legislation. This data is held primarily to allow for direct filing of payrolls, gift-aid claims and P11's to HMRC and pension organisations. The control of the data, its management, update and deletion rests with the user organisation. Liberty Accounts as a processor has obligations to protect the data.
Liberty Accounts has made a available a range of tools to allow user organisations to manage aspects of log-in security and access to personal data, See Organisation Security Policy. Policies may be set that allows only authorised users to view personal data, otherwise it is anonymised.
The Roles
- Analyst Overview
- This role allows a user to view analytical processes and reports only, no transactions may be entered or amended. Appropriate for a user charged with overview, analysing and planning for the organisation.
- Controller
- Provides access to all features of the system including set-up and administration. Appropriate for a user who has set up the entity and is a/the senior financial manager for it. The supervisor from an Accountant or Advisor will often have his role.
- Accountant
- Provides access to all features of the system with the exception of Payroll Administrator. Appropriate for a user who has set up the organisation and is a/the senior financial manager for it but where the payroll and P11D features are not being used.
- Business Administrator
- This role allows a user to set-up the basic structure and profile of an entity, but with no access to the accounting features and data input. Appropriate for a user providing administration support.
- Bookkeeper
- A role similar to the Accountant role except that access to set-up and administration is not available. Appropriate for a user providing full bookkeeping services to the organisation, but for who it is not required to set-up and provide other administration services for the entity.
- Asset Administrator
- This role allows a user to access the asset register only. Appropriate for a user only responsible for managing the asset register and adding new assets.
- Enhanced User
- This role allows a user to access all the main accounting and reporting functions but without access to stock, payroll, asset register, set-up and administration. Appropriate for an experienced and knowledgeable user undertaking substantially accounting management and transaction inputting.
- Regular User
- This role allows a user to enter basic transactions for the entity. Appropriate for a user undertaking the basic inputting of transactions where there is supervision to call upon.
- Cashbook User
- This role allows a user to deal with simple cash based transactions for the entity. Appropriate for a user entering cash based transactions only.
- Stock Administrator
- This role allows a user full access to the stock, purchase order processing and sales order processing. Appropriate for a user responsible for the full management of Sales Order and Purchase order processing and stock.
- Stock Handler
- This role allows a user access to processes for managing stock only Appropriate for a user only responsible for the management and administration of stock such as a warehouse manager.
- Gift Aid Administrator
- Only available for Not for Profit entities, this role allows a user to administer the donor ledger and prepare and submit online gift aid claims. Appropriate for a user charged managing gift aid and the donor ledger
- Donation Administrator
- Only available for Not for Profit entities, this role allows a user to administer the donor ledger and donations. Appropriate for a user charged managing the donor ledger
- Payroll Administrator
- Provides access to the payroll and management of P11D's. Appropriate for a user responsible for solely running and administrating the payroll on the system.
- Sales/Credit Controller
- This role allows access to sales activity, sales ledger and credit control functions. Appropriate for a user who is responsible for sales administration and credit controller.
- Purchase Controller
- This role allows access to purchase activities and purchase ledger Appropriate for a user who is responsible for buying and purchase administration.
Role Menu Exclusions
Once a role has been granted further exclusions may be applied by restricting access to particular menu items. This can be done from the Menus item on the Manage Users screen for each user as required.
Toggle Menu Items
Tick the toggle switch under the status column, adjacent to the menu item, to be restricted. The menu item is restricted when the status switch is grey. Note it would be possible to exclude everything so it is advised to take a little care in this process.