Function profiles and roles

Function profiles and roles

Within your organization, employees have different tasks and authorities. We want to translate these tasks and authorities into the correct setup in Spend Cloud. These tasks and authorities are referred to as "function profiles" in Spend Cloud. In the image below, you can see that a function profile is composed of a Permission Set, granting access to buttons within Spend Cloud, combined with additional role permissions.

An example of how function profiles might be distributed within your organization is as follows:
  1. Executive
  2. Manager
  3. Team Leader
  4. Employee
This distribution can become more specific. For instance, if you have various types of managers within the organization, you can create more specific profiles. This relates to additional permissions from different modules within Spend Cloud.

Function Profiles, Additional Role Permissions, and Modules

Spend Cloud consists of various modules, and the additional role permissions associated with a function profile vary per module. For example, in the Invoice Processing and Expense Claims modules, you need to select a procurement amount. In the Cash & Card module, you need to specify if an employee is allowed to close a booking period. In the Procurement module, you need to define procurement amounts and access to supplier groups. Supplier groups help you determine which suppliers a function profile can place orders with. You can imagine that all these choices lead to a breakdown of profiles within your organization.

Exceptions to Function Profiles
It's possible that your organization initially starts with just one module, such as Expense and Card. In this case, function profiles can be set up more easily by dividing them into Card Administration, Card Employees, and Card Responsible.

Importance of Function Profiles
There are two reasons why it's important to think carefully about setting up and distributing function profiles:
  1. Employees gain standardized access to permissions within Spend Cloud based on a function profile.
  2. Maintenance in Spend Cloud becomes easier by grouping different roles within the organization into standardized profiles.
Ideal Function Profile Setup
In an ideal use of function profiles, you would want employees in Spend Cloud to have one function profile assigned as much as possible. This function profile would grant access to rights and permissions across multiple modules, making application management maintenance as user-friendly as possible. Further details on this setup can be found under the "Roles" section below.

Roles

A role consists of various components which are Rights, a function profile and an organizational unit.

Rights
We start a role with a rights set. A rights set defines which menu items and buttons within menu items a user is allowed to see and use. For example, for a "Signatory" permission set, it may be defined that the user has access to the "Assessment" menu item in Spend Cloud.

Function Profiles
Next, a function profile is a combination of the permission set and specific role permissions. An example of specific role permissions is the procurement amount assigned to an employee for reviewing invoices or the maximum amount they can order. The guideline for determining and subdividing function profiles often comes from the different roles that employees can have in your organization. You can create a function profile for the "Facility Manager" role, for example, with all associated rights and permissions.

Role
An employee is placed somewhere in the organizational structure within Spend Cloud with the previously mentioned function profile, such as at the location where this employee works. Together, these elements constitute the role of the employee.

Example:

Role

Organizational unit

Employee

Rights

Permissions

Facility service

Wim the facility manager

Assessor

Assess invoices up to €1000


In this example, Wim works in the Facility Service and is allowed to review invoices up to €1000. In the Spend Cloud, he is placed in the organizational unit "Facility Service." In the "Signatory" permission set, it's specified that he has access to the required menu items, and his role permissions state that he has a procurement amount of €1000.

Multiple Roles
An employee can have multiple roles. So, if an employee needs to approve invoices and place orders, they could have three roles in the same organizational unit:

Role

Organizational unit

Employee

Rights

Permissions

Facility service

Wim the facility manager

Assessor

Assess invoices up to €1000

Facility service

Wim the facility manager

Buyer

Buying and assessing orders up to €1000

Facility service

Wim the facility manager

Card Responsible

Assess booking periods



Wim has one role here, which combines his permissions for Invoice Processing, Procurement, and Cash & Card. This also involves a combined rights set so that he sees all the necessary menu items. When we can consolidate all these permissions into one function profile, it simplifies the authorization scheme and makes it easier to maintain.

    • Related Articles

    • Roles

      The role overview can be found in the 'Application Management' of the menu section 'Organization'. The overview provides insights into all roles within Spend Cloud. A role defines the permissions a staff member has within a specific organizational ...
    • Employee and role import

      This article describes how to set up an employee and role import in the Spend Cloud. The combination of both imports automates user management in the Spend Cloud. Employee Import In organizations with a large number of employees, hiring and departure ...
    • Permissions and roles within the Spend Cloud

      During the implementation process of Spend Cloud, an organizational structure is established. You can find this structure under Application Management / Organization / Structure. The structure serves as the foundation for the operation of Spend Cloud ...
    • Structure

      In the menu Application Management / Organization / Structure, you will find an overview of your organizational structure as defined in the Spend Cloud. The structure captures the hierarchy between all locations and/or departments within your ...
    • How can we incorporate our modified/new organizational structure into Spend Cloud?

      Significant changes within an organization, such as a reorganization or the establishment of a new administration or department, may lead to misalignment between the Spend Cloud configuration and the organizational structure and employee roles. The ...