Group and Role Access
Groups are used to group users who need access to the same projects and other data.
Managing group and role access is essential for ensuring that users have the appropriate permissions and privileges within a PPM application.
Groups
Groups are an efficient way to assign access control to data. They typically correspond to major programs or functional groups, such as the Project Management Office. Each project allows you to add one or more groups to the access control grid. If a user is no longer on the project, you simply remove that user from the group they no longer have access to those projects, resources, calendars, among others where that group was provided access.
Roles
Roles define what a user within a group can do. Securable nodes in the role typically align with the menu options but they also can specify if you can edit types of data within a project, for example. Assigning the primary role to the user allows you to have a group with many users with access to different securable items. This simplifies maintaining access control on the data elements. Example roles are Project Controls Analyst, Control Account Manager, and Project Manager; where the Control Account Manager cannot access Recalculate, but the Project Controls Analyst does .