A detailed overview of the access controls

Safety Manager (SM) uses Role Based Access Control (RBAC) to restrict application access based on roles of individual members within an organisation. RBAC lets users in Safety Manager have access rights only for the data / features they need in order to perform their jobs and prevents them from accessing data that doesn’t pertain to them.

Safety Manager allows organisation administrators to control which roles their members have within the organisation for each module. Members can be given different roles for different modules. Safety Manager also supports Groups, which allow module roles to be grouped together and assigned to members within your Organisation. Administrators on Safety Manager can use pre-set system Groups or configure custom groups to make managing members' access in bulk easier.

This article will give you instructions on how to assign module roles with permissions to users by adding users to groups.

Included in this article is the following:
  • What are Modules
  • The three types of users (Company Administrators, Site Administrators and Members)
  • What are Module Roles & the permissions each module role includes.
  • What Groups are in Safety Manager and how Groups are configured to manage Members.

Groups on Safety Manager are the recommended way to manage access within your organisation.



Modules

Safety Manager is a modular, feature-rich application where features are organised in configurable modules:
Fig 1. Main navigation menu
  • Organisation Module (Administrator level only)
  • Incident Module
  • Accident Module
  • Audit Module
  • Risk Assessment Module
  • Action Module
  • Training Module
  • Document Module
  • Smartform Module (Administrator level only)
As an administrator you can configure module access for each of your users. Users can be granted different permissions per module via Module Roles. Module Roles can then be configured into groups to allow you as the administrator to easily manage your users in bulk. The Smartform module can only be accessed by company administrators.

User Types

Users on Safety Manager are categorized into three main types: company administrators, site administrators and members.
Fig 2. User types
  1. Company Administrator
    Users set up as company administrators have full unrestricted access to the entire organisation including all modules, sites, departments and members.

    The company administrator does not need to be configured with Module roles as this type of user automatically inherits all permissions for each module role. See "Roles and Permissions" article for an outline of module roles and associated permissions.

    As well as having unrestricted access to all modules, sites and members, this user can access the Administration features (See Fig 4. Administration features) for your organisation including:

    • Configuring Groups for your organisation
    • Setting Module Preferences for your organisation
    • Setting Email Preferences for your organisation
    • Configuring Account Settings for your organisation

    Note: Organisations should only set a user as a company administrator if they are sure this user should have unrestricted access across the application.

    Fig 3. Organisation features
    Fig 4. Administration features
  2. Site Administrator
    The site administrator is the next level down from company administrator. This type of user has unrestricted access to all modules (excluding Smartforms) like the company administrator, but site administrators are restricted to specific sites within the organisation.

    What a Site Administrator can do:

    • Access organisation features (Sites, Departments, Members) for specified sites only
    • Full unrestricted access to modules (No module role assignment required)

    What a Site Administrator cannot do:

    • Cannot access Administration features (Fig 4. Administration features)
    • Cannot manage members or departments outside their site access
    • Cannot access site documents / data outside their site access
    • Cannot access Smartforms module

  3. Members
    All other users in your organisation are classified as Members and can be configured with access rights for each module available in your organisation.

    Member permissions on the system are applied by configuring role access via Groups. Doing so allows administrators to set access rights to different users within their organisation ensuring they only have access to those tasks they need to perform their job.

    In the next few sections we will describe module roles and groups, explain what permissions each built-in role includes, and show how to use groups as a convenient way of managing your members' access.

    Note: Only Member level users can be configured with module roles and assigned to a group. Administrative level users (company & site administrators) do not require module roles to be set as these types of users automatically inherit all permissions for each module.

Module Roles / Permissions

Access rights on Safety Manager are managed using Role Based Access Control (RBAC) where each role is a collection of permissions for a module. The roles in RBAC refer to the levels of access that a member has within your organisation.

Members in your organisation are assigned roles for each module you wish them to have access to in your organisation. By assigning a module role to a member, that member can then perform all tasks permitted by the role. (See "Roles and Permissions" article for full list of permissions each module role on Safety Manager provides).

Safety Manager includes several built-in roles that you can use for each module when configuring access for your members. The following lists the built-in roles for each module:

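| Module           | -         | Role 1 | Role 2   | Role 3       | Role 4  |
|------------------|-----------|--------|----------|--------------|---------|
| Accidents        | No Access | Viewer | Reporter | Investigator | Manager |
| Incidents        | No Access | Viewer | Reporter | Investigator | Manager |
| Audits           | No Access | Viewer | Auditor  | -            | Manager |
| Risk Assessments | No Access | Viewer | Assessor | -            | Manager |
| Actions          | No Access | Viewer | Editor   | -            | Manager |
| Documents        | No Access | Viewer | Editor   | -            | Manager |
| Training         | No Access | -      | Trainer  | -            | Manager |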
Table 1. Module Roles
Module Roles are a key concept to understand – they are how permissions are enforced on Safety Manager.

Only one role per module can be assigned to a member of your organisation. Roles act in a hierarchy, with each role inheriting the permissions of the role under it.

For example, the role Manager in the Accident module automatically inherits permissions for Investigator, Reporter, & Viewer. So, a user set as Manager can perform all tasks that a user set as Investigator, Reporter or Viewer can.

This way only one role per module needs to be assigned to a member, with each role taking on the permissions of the previous role for that module.

Example of hierarchy for Accident module:

  • Manager inherits Investigator, Reporter & Viewer permissions
  • Investigator inherits Reporter & Viewer permissions
  • Reporter inherits Viewer permissions
This concept is the same for each of the other modules.
Fig 5. Roles-Permission hierarchy
You as the administrator can completely restrict member access to a module by selecting ‘No Access’ for that module. Members with no access to a module will not see this module when they access the application.

See "Roles and Permissions" article for a detailed view of what permissions each module role above includes.
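
The user-type rules and the role hierarchy described above can be combined into a single access check. The following Python sketch is an added illustration, not Safety Manager's own code: the role ladders come from Table 1, while the function name, data layout and sample users are assumptions, and it does not model the individual permissions listed in the "Roles and Permissions" article or any site scoping for members.

```python
# Added illustration: a model of the access rules described in this article.
# Role ladders are copied from Table 1 (lowest to highest); the function name,
# dict layout and sample users are assumptions made for the example.
LADDERS = {
    "Accidents":        ["No Access", "Viewer", "Reporter", "Investigator", "Manager"],
    "Incidents":        ["No Access", "Viewer", "Reporter", "Investigator", "Manager"],
    "Audits":           ["No Access", "Viewer", "Auditor", "Manager"],
    "Risk Assessments": ["No Access", "Viewer", "Assessor", "Manager"],
    "Actions":          ["No Access", "Viewer", "Editor", "Manager"],
    "Documents":        ["No Access", "Viewer", "Editor", "Manager"],
    "Training":         ["No Access", "Trainer", "Manager"],
}
ADMIN_ONLY = {"Organisation", "Smartform"}  # administrator-level modules


def is_allowed(user, module, required_role, site=None):
    """Return True if `user` may act at `required_role` level in `module`."""
    kind = user["type"]
    if kind == "company_admin":
        return True                       # unrestricted: all modules, all sites
    if kind == "site_admin":
        if module == "Smartform":
            return False                  # company administrators only
        return site in user["sites"]      # full module access, own sites only
    # Members: one role per module; a missing entry is treated as No Access.
    if module in ADMIN_ONLY:
        return False
    ladder = LADDERS[module]
    if required_role not in ladder:
        raise ValueError(f"{required_role!r} is not a role in {module}")
    held = user["roles"].get(module, "No Access")
    if held == "No Access":
        return False
    # Hierarchy: a role inherits everything below it on the module's ladder.
    return ladder.index(held) >= ladder.index(required_role)


# The Management system group sets the Manager role for every module.
MANAGEMENT = {module: "Manager" for module in LADDERS}

# Constructed sample users (not real data; site names are made up).
alice = {"type": "member", "roles": {"Accidents": "Investigator", "Training": "Trainer"}}
bob = {"type": "site_admin", "sites": {"Site A"}}
carol = {"type": "member", "roles": MANAGEMENT}
```

Note that the ladders differ per module: asking whether a Training role covers "Viewer" raises an error rather than silently returning a result, because Table 1 defines no Viewer role for Training.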

Module roles on Safety Manager are assigned through the Organisation module:

  1. Navigate to the Organisation module in the left main menu. (See Fig 3. Organisation features)
  2. Click the Members tab
  3. Click the name of a member you want to configure access for. Clicking the name will navigate you to the view page for this member
  4. Navigate to the Roles tab
  5. Configure roles per module for your member in the Module Access table (See Fig 6. Member module role assignment)

Here you as the company administrator or site administrator can configure access for this member by selecting a role for each module you want this member to access.

The module access table allows you to choose one built-in role for each module on Safety Manager.
Fig 6. Member module role assignment
Note: See "Roles and Permissions" article for a complete breakdown of permissions for each module role.

Groups and Configuration

Assigning module roles for each individual member in your organisation can be time-consuming. To help manage access for your members, members can be assigned to a group. A Group on Safety Manager is a collection of Module Roles.

This is the best way to manage access for your organisation’s members. Simply create a group, assign your desired module roles to this group and assign the groups to your members.

System Groups
Safety Manager already comes with some pre-configured system groups that you can assign to your members. These groups include:
  • Basic
  • EHS Personnel
  • Management

Basic Group
This group gives a basic level of access to each module in your organisation mainly with viewer ability for modules. It also allows Reporter role access for the Incident and Accident modules.

The following module roles are set for this group:
Fig 7. Module Roles configured for the Basic group
EHS Personnel
This group includes more advanced module roles allowing users to report Incidents / Accidents, create and edit audits with the Auditor role, create and edit risk assessments with the Assessor role and create and edit Documents and Actions as Editor for their respective modules.

The following module roles are set for this group:
Fig 8. Module Roles configured for the EHS Personnel group
Management
The Management group sets each module with ‘Manager’ role access allowing members of this group to perform all permissions within each module.

The following module roles are set for this group:
Fig 9. Module Roles configured for the Management group
The above Groups (Basic, EHS Personnel & Management) come pre-set as system groups on Safety Manager. If these groups do not suit your preference for access rights for your members, you as the company administrator have the ability to create your own custom groups and assign desired module roles. See next section on how to create custom groups.

Custom Groups
Creating your own custom groups and assigning module roles is a good way to configure your organisation with the desired level of access for your members. Custom groups are created through the Administration feature section (Fig 4. Administration features) and can only be created by company administrators.
Fig 10. Groups list
To create a custom group:

  1. Navigate to the Administration section in the left main menu
  2. Click the Role Groups tab. Here you will see a table listing both system roles and any custom roles created for your organisation
  3. Click the + Role Group button in the right corner to create a new group. (Fig 10. Groups list)
  4. Input a name for your group
  5. Using the Module Access table, configure your new group with the desired roles per module.
  6. Finally, set this new group as assignable so it can be used and assigned to members of your organisation


Note: Groups must be made assignable in order to assign them to members. To make a group assignable, simply toggle assignability on/off.

Groups and Module Roles can only be configured for member type users in your organisation. The other administrator types (company and site administrators) do not require access configuration as these types automatically gain unrestricted access to all permissions for modules listed above.