Why do we not recommend giving admin level rights to employees

When creating a company user, there is an option to assign them admin level rights - in the dropdown we have highlighted that admin user can "view, edit, delete, change etc EVERYTHING within the company". So why does this matter?

In Natural HR, when an employee wants to request time off, for example, they need to use Self Service and submit the request. As part of this process, there is a workflow which sends the request to their manager for approval and, until the manager approves the request, it is set to "Awaiting approval".

As an administrator, the employee does not need to use Self Service to add time off - they can simply go to the main Time off module and enter their own time off which is then auto approved. There is no workflow so their manager won't have to approve the request and may not even know the request has been entered unless they specifically checked.

Even if the admin user did use Self Service to enter their time off and it was approved by their manager, the admin user could then go into the main Time Off module and edit or delete the request, again, with no notification or workflow going to their manager.

Further, as admin user can view everything they can view and access their managers (and even higher than their managers) pay and benefits details and they could change these - again no notification or approval required.

We STRONGLY recommend that you do not assign admin level rights to any employee (the person who sets the account up in the first place has admin rights by default). If you do assign admin rights then we recommend you only give these sparingly and to someone in a very senior position (i.e. as close to the top as possible) so they do not get access to information which you company many not want them to have access to.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk