User privileges define what you can do in the HR Suite. You only have access to the things that are relevant to your work, which depends on your role in the organization. It's the same idea as managing physical access with keys or building access cards - what you can access with your key or card depends on your position. For example, you may have a key or card that opens any door in any building anywhere in your organization, any computer room in your organization, any door in your building, or only the door to your office.
Just as there are several elements involved in managing people's physical access in the workplace, there are also several elements involved in managing access on your site:
- Organizational tree - A map of your organization's structure. The tree describes your organization as four tiers. These represent organizational units such as location, division, department, and group.
- Groups - Sets of users who have similar needs and privileges on the site. You may be familiar with groups as users types if you have used earlier versions of this product.
- Permissions - Specific levels of access, such as create. Permissions apply to specific areas within the site.
- Group privileges - What the group can do on the site. A privilege is a permission and the part of the site to which it applies. For example, if a group has the createpermission in the Postings area, the group's privileges include creating postings.In place of posting, your organization may use a term such as announcement, requisition, workforce request, or open position.
- Scope - How far a group's permissions extend across the organizational tree, in terms of the organizational unit tier at which they apply.
Groups
Because it is not practical to define levels of access to each part of the site for each user, the HR Suite manages what people can do by defining groups of permissions and assigning you the groups you need.
The Organizational Tree
The organizational tree is a diagram of how your organization is structured. It is used in working with groups and permissions. The organizational tree is not the same as an organizational chart (a diagram of your organization's reporting structure), though the two may look similar.
How the Organizational Tree Affects Group Permissions
Each group specifies a scope tier - how far any group member's permissions extend - in addition to specific permissions. For example, a group for managers or department heads may have department scope: All members of this group have permissions that apply to postings and other items associated with their own departments.
The organizational unit in which the user is placed affects how the user's group permissions are applied. For example, people in one department do not have access to the same set of postings and other items as people in another department.
Scope
Scope specifies how far your group permissions extend across your organization. Each level of the organizational tree corresponds to a level of scope.
Scope is part of the definition of each group, but it applies to individuals. Using the analogy of keys or access cards, the scope of group permissions is similar to the locations where a key or card will work - across the whole organization, in any building at one location, in one building, on one floor, or just in your work area.
Levels of Permissions
To access a given area of the site, you must have some level of permission in that area. Some permissions determine whether the site displays a particular setting on a specific page; others control whether large areas of the site (such as the Postings tab) are available to you.