Contents
Using the Plan Menu Access Tab
Confirming Dimension Security Settings: Re-Deploy Your Plan
In Planning Maestro, Security settings control the user permissions of each user Group. These permissions enable the users of each Group to access different areas and data stored in Planning Maestro.
Example: You can set up your Security settings so that a Group can access the Worksheets module to create and review budgets but cannot access the Personnel application to see confidential employee information. |
This document shows you, an Administrator, how to edit the Security settings for each user Group.
Please Note: Planning Maestro permissions are assigned by user Group, not by individual user. In other words, to change the permissions of an individual user, you must either:
|
To add, edit, or delete user Groups, see Managing User Groups.
Security Settings QuickView
In Planning Maestro, you can set up Security on three levels.
- Modules – Decide which modules (areas of Planning Maestro) a user Group can access.
- Plans – Decide which Plans the user Group can access.
- Plan Menus – Decide which Plan Menus the user Group can access within each Plan (for example, you can give them access to Operating Expenses but not Revenue).
Modules |
Plans |
Plan Menus |
---|---|---|
Areas of the system |
Published views of data |
Rates, schedules, tools, and other applications within the main modules |
After setting up these three levels of Security, you can also set up Dimension Security to make sure only certain users see certain Dimension Members (for example, if you have some departments you want users to focus on).
Step 1: To edit the Security settings (user permissions) for each user Group, click on Settings and select Security from the dropdown menu.
The Security page opens. This page has three tabs: Module Access, Plan Access, and Plan Menu Access. The Module Access tab opens by default.
Step 2: Use the following sections of this document to set up the Groups’ permissions in each tab.
Please Note: A best practice is to set the permissions for one user Group at a time (especially the very first time you set up Security): first use the Module Access tab, then the Plan Access tab, then the Plan Menu Access tab, and then repeat for other Groups. |
Using the Module Access Tab
The Module Access tab enables you to decide which modules (individual areas of your Planning Maestro account) this user Group can access.
Please Note: If you give a user Group access to any module, make sure they can also access a Plan and the necessary Plan Menus (see the following sections). Otherwise, users in the Group can open the module but cannot access any data or make any changes. |
Step 1: To give access to certain modules to a Group, in the Select Group section, select the name of the Group.
When you select a Group, the Group’s name is highlighted and a Selected icon ( ) appears next to it.
Step 2: To give this Group access to certain modules, in the Modules section, click on the toggle switch in the Access column in the module’s row to switch it to the ON position. You can enable the Group to access one, two, three, or all four of the following:
- Dashboard - The module where users can review a quick summary of the data in the Plan, like a series of mini-reports.
Please Note: If you give a certain Group access to the Dashboard, make sure they also have access to Automation, Worksheets, or Reports so they can access your company’s Plan. |
- Modeler – The module where users can upload data, create Base Structures and Dimensions, and deploy Plans and Cubes.
- Automation and Tools – The modules where users can create processes, rates, and schedules for budgets (such as allocation methods) and deploy Cubes.
- Worksheets – The modules where users can review and edit budgetary data, including operating expenses and revenue.
- Reports – The module where users can run reports.
Please Note: For a description of the tasks users can perform in each module, see Introduction to Planning Maestro. |
When you click on the toggle switch for a certain application, the toggle switch turns green and switches right to the ON position.
Step 3: After turning the toggle switch ON for every module this group should access, click Save.
Please Note: If you are editing Security settings for more than one user Group at a time, you might see a toggle switch in the ON position labeled Mixed. Mixed means that at least one of the user Groups you selected can access that module, and at least one of the user Groups cannot. |
To edit Security settings when you have Mixed permissions, try editing Security for one user Group at a time.
Using the Plan Access Tab
The Plan Access tab enables you to decide which Plans (specific sets of data) this user Group can access.
Example: A holding company has 10 sub-companies. The Accounting department of each sub-company needs to access Planning Maestro to review and edit their yearly budgets. The Administrator creates a separate Plan and user Group for each sub-company and enables each Group to only access its own company’s Plan. |
Step 1: To give access to certain Plans to a Group, on the Security page, select the Plan Access tab.
Step 2: The Plan Access tab opens. in the Select Group section, select the name of the Group.
When you select a Group, the Group’s name is highlighted and a Selected icon ( ) appears next to it.
Step 3: To give this Group access to certain Plans, in the Plans section, click on the toggle switch in the Access column for each Plan this Group should access.
Step 4: The toggle switch for each Plan you selected turns green and switches to the ON position. Click Save.
Please Note: If you are editing Security settings for more than one user Group at a time, you might see a toggle switch in the ON position labeled Mixed. Mixed means that at least one of the user Groups you selected can access that Plan, and at least one of the user Groups cannot. |
To edit Security settings when you have Mixed permissions, try editing Security for one user Group at a time.
Please Note: After you give a user Group access to a Plan, make sure to give them access to at least a few Plan Menus using the Plan Menu Access tab (see the following section). Otherwise, users in this Group can open this Plan, but cannot review any of its data (Spread Methods, Operating Expenses, etc.). |
Using the Plan Menu Access Tab
The Plan Menu Access tab enables you to decide which Plan Menus (applications within the five main modules) this user Group can access.
Example: A company creates a user Group for its Accounting department to review revenue and expenses. However, the Accounting department should not be able to access personnel information. Because Personnel is a menu within each Plan, the Administrator can disable the Personnel menu for the Accounting user Group to give Accounting the access they need while still protecting employees’ privacy. |
Step 1: To give access to certain Plan Menus to a user Group, on the Security page, select the Plan Menu Access tab.
Step 2: Under Select Plan, click on the dropdown menu and select a Plan.
Please Note: You must set up Plan Menu Access individually for each Plan. |
Step 3: In the Select Group section, select the name of the Group.
Step 4: To give this Group access to certain Plan Menu Items, in the Plan Menu Items section, click on the toggle switch in the Access column for each Plan Menu this Group should access.
The Plan Menu Items you can enable for this user Group are listed below.
Automation Setup Menus
Automation
Spread Methods – Enables users to create methods for spreading amounts over a certain time period.
Increase/Decrease Methods – Enables users to create methods for adding or decreasing amounts over a certain time period.
Allocation Methods – Enables users to create methods for assigning a line item to multiple departments, regions, accounts, etc.
Tiered Rates – Enables users to create tiered rates, or rates that change depending on amount or volume.
Default Settings – Enables users to create templates for new line items (such as new Operating Expenses).
Balance Sheet Automation
Payment Schedules – Enables users to set up schedules for paying vendors.
Receivable Schedules – Enables users to set up schedules for receiving payments from customers.
Work/Pay Schedules – Enables users to create schedules for paying employees.
Recognition Schedules – Enables users to create schedules for recognizing (recording) revenue and expenses.
Data Tools
Clear Data – Enables users to clear data in a Plan (the entire Plan or just parts of it).
Quick Assign – Enables users to assign line items to other line items in bulk.
Example: Use this tool to assign benefits to employees in bulk.
Worksheets Menus
Applications
Operating Expenses – Enables users to review, add, edit, and delete operating expenses (such as rent, insurance, and cost of materials).
Revenue – Enables users to review, add, edit, and delete revenues.
Personnel – Enables users to review, add, edit, and delete employee-related information (such as salaries and benefits).
Please Note: Do not enable this Plan Menu for user Groups unless those user Groups should be able to view confidential information such as employees’ salaries, hourly rates, and benefits. |
Drivers – Enables users to review, add, edit, and create non-financial factors or variables that affect your operating expenses, revenue, and personnel (such as taxes or fuel mileage).
Adjustments – Enables users to review, add, edit, and delete adjustments or journal entries that affect your operating expenses, revenue, and personnel.
Data Tools
Please Note: These tools are also available in Automation. |
Clear Data – Enables to clear data in a Plan (the entire Plan or just parts of it).
Quick Assign – Enables users to assign line items to other line items in bulk.
Example: Use this tool to assign benefits to employees in bulk. |
Workflow
Manage Workflow – Enables budgetary teams to collaborate more easily as they build a budget or what-if scenarios.
Please Note: If a user Group has access to the Dashboard, make sure they can access the Workflow application so that they can review Workflow Components (which display progress in each Workflow). |
Step 5: The toggle switch for each Plan Menu you selected turns green and switches to the ON position. Click Save.
Step 4: Repeat the previous steps to set up Security for each Group you created.
Please Note: If you are editing Security settings for more than one user Group at a time, you might see a toggle switch in the ON position labeled Mixed. Mixed means that at least one of the user Groups you selected can access that Plan Menu, and at least one of the user Groups cannot. |
To edit Security settings when you have Mixed permissions, try editing Security for one user Group at a time.
Using Dimension Security
For additional security, you can add Security to individual Dimensions to ensure that only certain user Groups can access certain Dimensions or certain Dimension Members.
Example: You are setting up Security for Department Managers. You have a Dimension named “Department” containing all departments. You can set up Security so that each department manager can only access their own department within this Dimension. |
Please Note: After updating your Dimension Security, re-deploy any Plans you have that use those Dimensions. |
Step 1: Click on the icon in the top left and select Modeler.
Step 2: In the Modeler menu, select Dimensions.
Please Note: Make sure you are connected to a Profile before trying to review or edit Dimensions. |
Step 3: On the Dimensions page, click on the name of the Dimension that needs extra security.
Step 4: The Dimension’s information opens in a panel on the right. In the panel, select the Security tab.
Step 5: In the Security tab, click Enable Member Security.
The Dimension’s Security settings open. Here, you can set up Dimension Security by user Group: each Group can have full access, read-only access, or no access to certain Members within the Dimension.
Example: You can enable a user Group named “Temporary Employees” to see only a few Dimension Members. |
Please Note: After you enable Member Security, the default setting is that each user Group cannot access any Dimension Members. Make sure to give each user Group access to the right Dimension Members. |
Step 6: In the Select Groups(s) section, select the name of the first user Group for which you want to set up Security.
When you select a Group, the Group’s name is highlighted and a Selected icon ( ) appears next to it.
The Members of this Dimension appear in the list below.
Step 1: In the None – Read – Write column, select the radio button under the Security option for each Dimension:
- None – Select this radio button if the Group should neither see nor edit this Dimension Member.
- Read – Select this radio button if the Group should see, but not be able to edit this Dimension Member (in other words, it should be read-only).
- Write – Select this radio button if the Group should be able to see and edit this Dimension Member.
Please Note: To quickly set the same Security setting for all Members of this Dimension at once (None, Read, or Write), click on the checkmark in the top left corner of the table to select all. Then, select the correct radio button for the first Dimension Member in the table. All other Dimension Members receive the same setting. |
Step 2: Click Save to save this Security setting for this user Group.
Your settings are saved. Repeat steps 1-2 to set up Security by Dimension Member for other user Groups.
You can edit the Security settings for your Dimensions at any time. However, as a best practice, try to make sure that users are not currently accessing Dimensions if you decide to restrict that Dimension’s Security settings.
Please Note: If you are setting up Dimension Security for the first time, to make sure you set it up as planned, you can check how these Dimensions appear to your users. First, deploy a Plan including the Dimension(s) for which you set up Security, but not using any Versions (Dimensions only). Then, log into a user’s account (if you haven’t given the user access to Planning Maestro yet, you can enter your email address as the address for their account and reset the password). Open the Plan you created and make sure your users can only see the Dimension Members they have permission to see. |
Confirming Dimension Security Settings: Re-Deploy Your Plan
To make sure your Plan reflects the changes you made to Dimension Security, re-deploy Plans that use that Dimension. Then, the Security changes you made take effect.
Comments
Please sign in to leave a comment.