Permission
Overview
The Permission module inside the Firm Admin Portal (FAP) allows an authorized user (e.g., MTO coordinator) to configure what a MTO auditor user (MTO coordinator and MTO audit team) can view and action upon inside the application.
Note: The configuration of permission for 3rd-party vendor and AR user is done by MTO audit team inside the application.
Key functions
The Permission module inside the FAP provides authorized users with the ability to configure user access to the following components of the system:
- AR user information
- Audit project and case data
- Common functionalities
AR User Information:
The table below lists the default settings in terms of access to AR user information inside the application. For example, by default an MTO auditor can only view AR user information. These permissions can be configured by authorized user (MTO coordinator) under the Permission module inside the FAP.
|
|
|
MTO Coordinator |
MTO Auditor |
Note |
|
Authorized requester management permissions |
|
|
|
|
|
|
Can view authorized requesters |
✓ |
✓ |
just see the menu + data as read-only (data in Population, Authorized Requestor profiles) |
|
|
Can manage authorized requesters |
✓ |
|
see data + ability to edit authorized requesters (AR profile and batch action in AR Population) |
Audit Project and Case Data:
The table below lists the default settings regarding the actions that an MTO audit team user can take in terms of the audit project and case files. For example, by default an MTO auditor user can submit an archive/deletion request but cannot approve such requests. These permissions can be configured by authorized user (MTO coordinator) under the Permission module inside the FAP.
|
|
|
MTO Coordinator |
MTO Auditor |
Note |
|
Applicant management permissions |
|
|
|
|
|
|
Can view applicants |
✓ |
✓ |
just see the menu + data as read-only |
|
|
Can manage applicants |
✓ |
|
see data + ability to edit applicants (Applicant profile and batch action Population/Applicant) in the app |
|
Audit project management permissions |
|
|
|
|
|
|
Can view audit projects |
✓ |
✓ |
just see the menu + data as read-only |
|
|
Can manage audit projects |
✓ |
|
see data + ability to create new audit project+ complete the audit project |
|
Audit case management permissions |
|
|
|
|
|
|
Can view audit cases |
✓ |
✓ |
ability to view all audit cases with read-only |
|
|
Can setup audit cases' assignment and scheduling |
✓ |
|
ability to assign and set due date for audit case |
|
|
Can update work phase and generate audit cases |
✓ |
|
ability to update phase state and generate audit case |
|
|
Can submit Deactivate/Delete audit case |
✓ |
✓ |
ability to submit audit case for deactivate/delete |
|
|
Can approve/reject the submission of audit case status (Deactivate/Delete) |
✓ |
|
ability to approve/reject request created |
|
Working paper permission |
|
|
|
|
|
|
Can change a working paper's editing permission |
✓ |
|
ability to unlock Working Paper (WP) |
|
|
Can delete a Phase/Subphase/working paper/document |
✓ |
✓ |
ability to delete phase/subphase/WP/documents in assigned audit case |
|
Business records management permissions |
|
|
|
|
|
|
Can submit archive request |
✓ |
✓ |
ability to submit archive for an audit case |
|
|
Can approve own archive request |
✓ |
|
ability to approve the request created by themselves |
|
|
Can approve and reject archive request by others |
✓ |
|
ability to approve/reject request created by others |
|
|
Can view archived audit cases |
✓ |
✓ |
can view all archived audit case and can download archived package/download the assigned archived audit case |
|
Firm template management |
|
|
|
|
|
|
Can manage firm templates |
✓ |
|
ability to access Report portal and perform any action |
Common functionalities:
The table below lists the default settings regarding the actions that an MTO audit team user can take in terms of removing common tools in working papers, attachments and templates. For example, by default an MTO auditor user can add attachments/common tools but only the coordinator can remove attachments and common tools added by others. These permissions can be configured by authorized user (MTO coordinator) under the Permission module inside the FAP.
|
|
|
MTO Coordinator |
MTO Auditor |
Note |
|
Common tool permissions |
|
|
|
|
|
|
Can remove (unlink or delete) attachments added by others |
✓ |
|
ability to unlink/delete attachments added by others |
|
|
Can remove (unlink, close, or delete) common tools added by others |
✓ |
|
ability to remove (unlink, close, or delete) common tools added by others |