Setting Up Security
Security methods cover a wide range of business rules and practices. Firms can implement security to clients and staff work objects using security groups, which are associated with organizational units, and access groups.
Using Organizational Units
When the system is installed, an organizational unit Organizational units define your organizational structure. The structure can consist of multiple levels: firm, region, office, and business unit. If regions are used, at least one office must exist in each region. At least one business unit must exist in each office. for your firm and a default system administrator A user account created at installation with full rights and ownership of the organizational structure. are created. Some firms will find the firm, an office, and a business unit A level of the organizational unit associated with one or more offices. Examples may be Human Resources, Billing, Tax, Audit, and Financial Planning. All offices must have at least one business unit. A business unit may be assigned to one or more offices. that are created at installation are the only organizational units they need. Other firms may create additional organizational units, establishing more regions, offices, and business units.
A region An area within the firm comprised of one or more offices, for example, northwest or southeast. can be a stand-alone unit or be associated with one or more offices. Each office must have at least one business unit A level of the organizational unit associated with one or more offices. Examples may be Human Resources, Billing, Tax, Audit, and Financial Planning. All offices must have at least one business unit. A business unit may be assigned to one or more offices.. A business unit can be assigned to any number of offices. Staff and clients are assigned to offices and business units.
Securing Data
If you do not have access to functions, clients or staff, contact your system administrator. Provide a description of the modules, functions, or records you cannot access to resolve any security issues.
Product features and options may be disabled or may not appear in your installed version of CCH
Security Groups
Use a security group A set of access rights and restrictions. Staff assigned to the security group automatically receive the group's access rights. to grant and restrict functional rights to groups of staff. Staff assigned to security groups inherit the rights and restrictions of the group.
Some functional right settings are applicable only to the organizational units that are selected for the security group. Staff has permission to other staff and the clients in the organizational units selected for the security group.
The number of security groups for your firm may be defined by job requirements. In the following example, four security groups define the access to product functions for a system administrator, an office administrator in office A, and staff in office A and office B.
Client Access Groups
By default, you may work with all clients in the organizational units where you are granted permissions. A client access group is a security method to restricting access to specific clients. Use these groups to restrict client access to certain staff levels or specific staff in the firm. Access to clients can be secured for all products or for specific product modules. Access to clients can be secured for all CCH
Clients in client access groups can only be accessed by staff who have been assigned to the client access group as Staff with access.
Staff Access Groups
By default, you may work with all staff in the organizational units where you are granted permissions. A staff access group is a security method to restricting access to specific staff. Use these groups to restrict staff access to certain staff levels or specific staff in the firm. Access to staff can be secured for all CCH
There are two types of staff assignments to staff access groups. Staff assigned to the staff access group are secured staff. Only staff assigned to the staff access group as Staff with access have any ability to access secured staff.