Access Control
The Access Control workspace has functionality that allows privileged users to provision access for new users, change access for existing users, and to delete access for specified users. Access Control also allows the ability to select reports that appear in the reporting suite based on access level.
Download a PDF version of the guide.
To navigate to Access Control:
Expand the left-navigation bar and select System Administration.
Under System Administration, click Access Control.
User Admin
In the Access Control workspace there are two tiles available. The first is the User Admin tile. There are three aspects of a user’s access that create their experience in LeaseAccelerator.
Access Level
Access Level determines a user’s ability to perform various To-Dos, as well as the user’s visibility into To-Do status. To-Dos that appear as a button or hyperlink mean the user has visibility and/or the ability to act on it. Some users may be able to see a To-Do due to their scope but may not have the ability to act on it because of their role. In those cases, the To-Do appears as plain text rather than as a clickable button. Access Level also determines where in the system a user can go.
There are eight default levels that you can select from, including Power User, Enhanced User, System Integration, Data Entry User, Standard User, Observer/Monitor, System Admin User, and Accounting Reviewer. More information can be view for these levels in the Access Control Access Matrix in the Success Center or Ask Alex’s menu.
Power User
A Power User has the most access to client facing actions and workspaces within LeaseAccelerator. They can provision access for other users, perform month-end close, transition ledgers, and view the System Operations Console, to name a few. A Power User’s standard configuration is not filtered, meaning they are not limited by Scope of Access assignments.
Enhanced User
An Enhanced User has access to fewer actions and workspaces within LeaseAccelerator than a Power User. They cannot provision access for other users, perform month-end close, transition ledgers, or view the System Operations Console. An Enhanced User’s standard configuration is filtered, meaning they are limited by Scope of Access assignments.
System Integration
System Integration is a role given to users who only need access via the API. This role is limited to API Calls.
Data Entry User
A Data Entry User has access to fewer actions and workspaces within LeaseAccelerator than an Enhanced User. Primary access is limited to lease entry and lifecycle event recordation via the UI and import. A Data Entry User’s standard configuration is filtered, meaning they are limited by Scope of Access assignments.
Standard User
A Standard User has access to fewer actions and workspaces within LeaseAccelerator than a Data Entry User. Primary access is limited to lease entry via the UI. A Standard User’s standard configuration is filtered, meaning they are limited by Scope of Access assignments.
Observer/Monitor (View Only)
An Observer/Monitor has access to fewer actions and workspaces within LeaseAccelerator than a Standard User. They have access to existing deals, reports, and settings information but do not have the ability to edit or add any information within LeaseAccelerator. An Observer User’s standard configuration is filtered, meaning they are limited by Scope of Access assignments.
System Admin User
A System Admin User has access to fewer actions and workspaces within LeaseAccelerator than an Observer/Monitor. Primary access is limited to provisioning access, contact management, and settings information. A System Admin User’s standard configuration is filtered, meaning they are limited by Scope of Access assignments.
Accounting Reviewer
An Accounting Reviewer has a very specific and limited access and is ideally meant to be used with the optional approve/reject workflow configuration. This level is similar to the Observer/Monitor level but has the added ability to approve and reject deals entered via the UI when the approve/reject workflow is turned on.
Can Act As
The ‘Can Act As’ Roles determine what To-Dos a user can perform or be assigned, in the context of a deal. The Roles that can be assigned would be the Lessee Roles. These Lessee roles include ARF Requestor, Accounting Analyst, Accounting Approver, Analyst, Asset Owner, Asset User, Order Administrator, Sourcing Contact, and Treasury Approver.
External Roles
The ‘Can Act As’ Role listed under the External Roles is for LAS Staff. This role is reserved for LeaseAccelerator Staff and Implementation Teams. Clients will never be assigned this ‘Can Act As’ Role.
Lessee Roles
The ‘Can Act As’ Roles listed under the Lessee Roles are for Client users. These roles can be defined by the client to closely align with their companies’ internal structure. To-Dos are associated with Lessee Roles.
The actual To-Dos assigned to each role can be defined by the client.
ARF Requestor
A Lessee Role that can be assigned to a user who will be requesting LvB initiation via mailback.
Accounting Analyst
Staff accountant, typically responsible for compiling and verifying accounting data associated with a lease, recording journal entries, analyzing monthly results, and preparing reconciliations. This Lessee Role is required for the approve/reject workflow, but users cannot be both an Accounting Analyst and an Accounting Approver.
Accounting Approver
Supervisors or managers, typically responsible for reviewing and approving accounting data associated with a lease and approving results. This Lessee Role is required for the approve/reject workflow, but users cannot be both an Accounting Analyst and an Accounting Approver.
Analyst
Typically, the employees responsible for generating the lease versus buy analysis.
Asset Owner
Employees who have fiduciary responsibility for the existence and use of the assets. These employees are typically management level and are financially responsible for the equipment.
Asset User
Employees who have custodial responsibility for the leased assets. These employees may be management or staff level. These employees’ work locations are typically at the asset’s physical location or in the same local/regional area.
Order Administrator
Employees who have “procurement” responsibility for the leased assets and shepherd the administrative process used in your organization to finance the acquisition of equipment and secure its delivery to the asset user.
Sourcing Contact
Employees responsible for initiating and creating an RFP, reviewing the Proposals, and awarding to a Funder/Lessor.
Treasury Approval
Employees, typically responsible for approving the lease transaction and may be the responsible party signing the lease documents. These employees are typically management or executive level and are an escalation step for notifications regarding End-of-Term. This role type is also referred to as Finance Approval.
Scope of Access
The Scope of Access determines what users can see in searches and reporting. The Scope of Access can be limited by Entity, Geo, and SBU (Business Unit). Scope of Access also limits importing ability and report generation.
Scope of Ledgers
The Scope of Ledgers determines what users can see in the Configuration Settings, Reporting, Transition, Contact Management, and Book Deal drop-down menus and workspaces. The Scope of Ledgers can be limited by individual ledger or base and transition ledgers. Transitioned ledgers appear nested underneath the base ledger and granting access to the base ledger will grant access to all the transitioned versions. Scope of Ledgers also limits importing ability.
Note: When a new Entity, Geo, SBU, or Ledger is added to the configuration data, Access must be provisioned to any existing users if the user already has boxes checked in the Scope of Access or Scope of Ledgers tree. If no boxes are checked in any section of these trees, that means the user has wide-open access and when a new company or ledger is added they will be able to see it.
Adding a New User
When adding a new user, there are two methods that can be used. For both methods, begin by selecting Add a new user from the action drop-down menu.
First, you can add a user from a blank form wherein you will select the Access Level, ‘Can Act As’ Role, and define the Scope of Access for the new user.
Once these are populated, you will add the User Name, Name, Title, Company Name, Address, E-mail Address, Phone, and Fax to the information fields at the bottom of the page. Red fields are required for system functionality and must be populated. The SSO User checkbox will be marked if your company is utilizing the Single Sign On integration. If checked, the External UID must be populated with the client defined ID configured for SSO.
Second, you can add a new user based on an existing user. This will populate the Access Level, ‘Can Act As’ Role and the Scope of Access to match the existing User. Any changes, if needed, can be made at this point. Once these are populated, you will add the User Name, Name, E-mail Address, Phone, and Fax to the information tile at the bottom of the page, along with any SSO information, if applicable.
The Title, Company Name, and Address fields will be populated with the values for the based on user.
Changing access for an existing user
Access Control allows you to Change access for an existing user. You select this action from the action drop-down.
Next, select the existing user that will be edited. The Access Level ‘Can Act As’ Role, and Scope of Access can now be changed for the selected user.
Deleting an existing user
To delete an existing user, select Delete existing user from the action drop-down, and then select the user you will be deleting.
Next, you will select how to assign any outstanding tasks.
If you select ‘No specific user’, all outstanding To-Dos will be assigned to all users of the same ‘Can Act As’ Role. You can also assign any outstanding tasks to a specific user. When a specific user is selected, you will receive four options for how to handle outstanding tasks.
Option 1
Transfer all open To-Dos, deal participation and asset responsibility, regardless of deal status.
Option 2
Transfer all open To-Dos, deal participation (all documents) for papering/active deals only, and asset responsibility for active assets only.
Option 3
Transfer all open To-Dos, deal participation (Deal Summary) for papering/active deals, and asset responsibility for active assets only.
Option 4
Transfer all open To-Dos but leave deal participation and asset responsibility unchanged.
Reactivating a previously deleted user
To reactive a previously deleted user, select Reactivate user from the action drop-down.
Next, select the deleted user to be reactivated. The Access Level ‘Can Act As’ Role, and Scope of Access along with the Title, Company Name, and Address fields will be reinstated for that user based on the last configuration before being deleted.
If the reactivated user previously had SSO access you, will need to populate the External UID.
Report Access
In the Access Control workspace, the second tile is Report Access. Report Access allows you to give or limit the access to specific reports by Access Level.
Select Access Level
To edit the list of Reports available in the Reporting workspace, you must first select the Access Level you are going to edit.
Edit the Report List
The list of available reports is grouped by category, of which there are eight. Within each category you can select or deselect the check box for each report. Included in each category will be reports that have been named and saved by users.
Appendix
Standard Reports
Accounting Tile | |
|---|---|
Accounting RollForward FX Report |
Maturity Analysis Report |
Accounting Workbook |
Payment Adjustment Report |
Adjusting Entries Analysis Report |
Payment Report (BI) |
ARO Disclosure |
Payment Schedule |
Cause of Change Report |
Portfolio: Trial Balance Report |
Comparative Accounting |
Quantitative Analysis Report |
Contractual Obligations |
Reconciliation |
Contractual Obligations Report (BI) |
Roll Forward |
ConObs Summary |
Schedule: Trial Balance by Account for a Single Month Only |
Deal Analysis Report |
Schedule: Account Activity Trend Report |
ERP Upload |
Schedule: Account Balance Trend Report |
Lease Classification Report |
Transition Asset Recordation Report |
Leasing Efficacy |
|
Administrative Tile |
Change Management Tile |
End of Term Tile |
|---|---|---|
BYOR for User Administration |
Asset Change History |
EOT Activity |
Booked Schedules List |
Audit History Report |
EOT Notification |
Bulk Import List Report |
Contact Change Management |
EOT Options |
Lessee Default Rates Report |
Deal Level Participant Change Report |
EOT Pipeline |
Reporting Metrics |
Exchange Rate Current State |
EOT Recordation |
Scope of Access - Current |
Scope of Access - Change |
Evergreen Transactions |
User Activity Log |
Scheduled Notifications |
|
Stakeholder Scorecard |
Integration Tile |
Origination Tile |
Portfolio Tile |
|---|---|---|
Ledger Export |
Asset Request Form |
Anomalies Report |
Ledger Export For Functional Currency |
Ordered Items Report |
ARF Booking Report |
Payables Export |
Quarterly Metrics Report |
BU Asset Report |
Weekly Payables Export |
BYOR for Portfolio |
|
Dashboard |
||
Evergreen Transactions |
||
LVB Report |
||
Leasing Summary |
||
Ledger Configuration Validation Report |
||
Participant Validation Report |
||
Portfolio Deal Attribute and Event Activity Report |
||
Portfolio Transactions |
||
Transaction Report (BI) |
Note: Reports visible in Reporting vary by Access Level configuration and should be assigned as needed, by the client.