Organization Unit Roles

The Organization Roles screen can be used to grant access to an organization unit or to deny access to this feature for certain organization units who inherit access through a parent organization unit. For example, this feature may be authorized for a certain facility (trunk level) for all departments (branch level) except one. The access would be set up at the facility level, but denied at the department level for that one department.

Steps for Adding a New Authorization Role to this Organization Unit:

1. From the Configuration section>Organization Unit card>Organization Unit screen, open the organization record to be configured.
2. Click on the Roles button in the left pane to open the roles assignment screen.
3. Select Add to add a new record.
4. Select the Classification from the drop down menu. To access standard roles configured in the system, select the Standard option. The other options (Customer, User Defined, and Replicated) display customized roles assigned to the corresponding classification.

   Determines the type of system classification (for example, Standard, Customer, User Defined, or Replicated).

5. Select the appropriate Authorization Role Code from the Field Look Up Values. The options that display here depend on the Classification selected.

   Role code that determines which screens and processes the users have access to, and the level of access.

6. The Denied field defaults to No. If this organization unit is being denied to the employees, change this value to Yes.

   Indicates whether the user should be denied permissions to the role at this level (Yes/No). When the Denied field is set to Yes, this overrides any inherited role for this user and removes data access.

   An inherited role is an authorization role that is indirectly assigned to an employee. This role is set up on any level of the Organization Unit screen>Roles section, and is automatically assigned to all employees whose Home labor distribution matches any of the levels of the organization unit. For example, if an employee belongs to a home labor distribution of Corporation A/Facility 1/Department 304/ Unit 1, he or she will "inherit" all the roles set up in the Organization Unit screen for Corporation A and for Facility 1 and for Department 304 and for Unit 1. An inherited role can be overridden at the employee level by assigning the employee the same role but with a different level of access (grant, deny or pass through).

   Note: Inherited roles are not listed in the Roles screen in the employee record. They can be viewed in the employee record on the TCS screen>Employee Authorization Information card.

7. Save the record.
8. Select the Data Access button from the Actions pane.
9. Select the appropriate Role assignment from the options listed below. Click on the link to view details on configuration of these options.

   Add Employee Access Select the Add Employee Access button to add or deny access to individual employees using the Employee Search criteria. Click on the Advanced button to open additional employee search criteria options. After entering values in the selected fields, click on the Search button. The results are listed below the search screen. By default, the boxes to the left of each record are checked to select all records. Additional searches with different filter options can be run to add to the selected record results set. To de-select one or more record, click on the box to the left of the record to remove the check mark. To de-select all records in a specific search result set, click on the box above the search results to remove all check marks. Click on the folder to the left of one of the employee records to load all the selected records. All selected employee records are added to the Individual Employee Assignments list with a default access level of Grant. To deny access to one or more employees, click on the expand arrow to open the record and change the Classification field to Deny.

   Opens a screen to add access to individual employees using the Employee Search Criteria.

   Add Employee - Org Unit Access The Add Emp - Org Unit Access button opens a screen to assign the access level for the users. Users are either given access (Grant) to employees in specific organization units or are not allowed access (Deny). To grant access to a specific organization unit and all organization units below it, click on the Add Emp - Org Unit Access button. Enter the values in the organization unit fields to that level. In the Classification field, select Grant from the drop down menu. The system allows Pass Through access for all parent structure levels above the organization unit set to Grant, so the user can retrieve the lower organization unit options. In the following example, the user is automatically given Pass Through access to structure levels 1-2 so that he or she can retrieve the Level 3 structure option of "SJH". Click on the Save button. To grant access to employees in all organization structure levels, click on the Add Emp - Org Unit Access button, but do not enter information in any of the organization unit fields. Click on the Save button. To remove access from a single organization unit, click on the Add Emp - Org Unit Access button and enter the values in the organization unit fields down to that organization unit level. In the Classification field, select Deny from the drop down menu. Click on the Save button.

   Opens a search screen to add access to all employees in specific organization units.

10. Click on the Save button to save this role record. All employees with a matching Primary Home Labor Distribution assignment will inherit this role.