1. Implementing Enterprise Contracts
  2. Contract Security Setup

Contract Security Setup

The Contracts security model provides different levels of access to administrative and non-administrative users. Administrative users can edit contracts in all the BUs they're authorized in.

Business units (BUs) and team member security can determine which contracts a user has access to.

Contract security works this way:

  • You must be designated as a sales resource to be able to create or edit a contract.

  • Only a sales resource or sales resource organization can be team members of a contract.

The BUs that a user can access is based on the resource organization the user is mapped to as a resource.

Here's how administrative and non-administrative user access to contracts is determined in the UI:

  • Administrative users can create or edit contracts in all the BUs they're authorized in. Administrative users have Contracts

  • Non-administrative users can create contracts in all the BUs they're authorized in. They also have access to contracts based on team membership, as follows:

    • They can view and edit contracts of other BUs provided they're team members in those contracts.

    • All the managers of the organization in the upward resource hierarchy of a team member can also access the contract. For example, if User A is the manager of User B, User A will be able to edit the contract of User B. User A can access this contract irrespective of whether he is listed as a contract team member.

    • All the users below the hierarchy are also authorized on the contract.

Tip: The real power of team security can be seen when you're talking about users who don't have access to particular BUs. For example, take User C, who doesn't have access to the BU that User D is using. Add User C as a team member of the contract. User C can access the contract, even though he doesn't have access to the BU.

This table illustrates the user access scenario:

Contract Privilege

Administrative User

Non-Administrative User

Create contracts

Can create contracts in all the BUs that the user is authorized in, based on their resource/resource organization mapping.

Can create contracts in all the BUs that the user is authorized in, based on their resource/resource organization mapping.

Edit contracts

Can edit all the contracts of the BUs that the user is authorized to.

Can edit all the contracts in which the user is a team member.

Note:

  • Even if a user is authorized in a BU, the user may not be authorized for all contracts in that BU.

  • Users can access contracts even if they're not authorized in its BU, provided they're on the contract team.
Caution: Be sure to give team member-type roles to non-administrative users and not any roles that give contract administrator or contract manager-type privileges. Otherwise, users will be able to see contracts that are created in other BUs.

Related Topics