Best Practices for Permission Management
Five Best Practices
- Try to use roles instead of assigning specific permissions to an individual user.
- You can define as many roles as are needed, and assign them to one or more users. A user can have any number of roles.
- You can then go through and associate specific granular permission activities within the system to specific role(s) and user(s). Roles make things more scalable as the team changes over time.
- Until a user or a role is given explicit permission for taking an action within DataNinja (like scanning materials into an electronic batch record) EVERYONE has permission. As soon as you lock it down to just a given person or group then ONLY those with the permission are allowed to perform the function. This SIGNIFICANTLY streamlines permissions management during implementation and in the future.
- CFR 21 Part 11 Regulation states that user accounts cannot be shared as it eliminates accountability for actions taken within the system. However, it is super easy to decommission temp worker accounts and create new accounts. These actions can also be done through the API.
Recommended Roles
| Recommended Role Name | Recommended Role Permission Activities |
|---|---|
| Administrator | Users in this role should be able to do everything. These are power users ONLY. |
| Quality Control | Recommended to be used as a high-level role which allows individuals to change expiration dates and release statuses as well as configure all master data. |
| Receiving | Allows individuals to receive and print against pre-defined Purchase Orders |
| Inventory Control | Users in this role should have permissions to preform cycle counts, inventory adjustments, transfers, and scrap transactions. |
| Shipping | Allow shipping transactions against pre-defined Sales Orders |
| Production Planning | Users in this role should be able to schedule manufacturing records and create Work Orders. |
| Manufacturing Execution | Individuals in this role should have permission for recording transacted parts and produced quantity. Additionally this role should have permissions for process step attribute completion. |
| MFG QC Inspector | In-process QC and Approval Step Electronic Signature required role. |
| Yellow Escalation | Supervisor Override |
| Red Escalation | Manager Override |
Updated 16 days ago