Skip to main content

Hi everyone,

I’m currently logged in as an HR user in IFS Cloud and have noticed that I can view the documents of my manager(supervisor), who is also part of the HR department. This raises a concern, as these documents may be confidential and should ideally not be accessible to peers or subordinates within the same department.

Is there a way to configure access controls so that HR users can only view

  • Their own documents

  • Documents of employees who report to them

but not those of employees at the same level or above in the organizational hierarchy (especially within HR)?

I would appreciate any guidance on how to set up this kind of access restriction, whether through permission sets, document access roles, or any other recommended configuration in IFS Cloud.

Thanks you.

 

I have attached a screenshot for your reference and all the 4 documents that can be seen in below SS related to user HJ should not be visible to logged in user MW

 

 

Hi,

When it comes to document management inHCM it is very important to think through what document classes are used.

In my opinion all document classes for HCM should have “Restricted access” parameter set and object access control.

On top of this restrict access depending on what document class is connected to what object in “Default Object Access Levels”

If there are really sesitive documents I think you should have only access for an access group...

Object access control is available for many HCM objects but not all. 

One big problem, however, is that users can make mistakes… if they select the wrong document class you still can get unauthorized users to get access to the document. Since access given to groups on a document class “overrides” the settings in “Default Object Access Levels”.

We can’t prevent users from making mistakes :-(

I have an ongoing case with support regarding this right now so let’s see if there will be changes.

One last thing to keep in mind is that all users with Docman Admin permission set can see and read ALL documents… a big risk for HCM.

Regards,

Maria

 

@ADDMARIAE Thank you very much for this information.

We have already tried the options that you suggested but this issue cannot be solved.

Reply


Terms & ConditionsCookie settings