top of page

< Back to policies

User Access Restrictions

Scope:

This policy is to provide detail on the various categories of user and the standard

access they are granted to the Software.

Policy:


Key users:

  • Administrator: has full access to all the Required Modules and associated settings and configuration options.

  • Project Manager: has restricted access to the Required Modules, enabling them to add and manage projects, jobs, costs, and specifications. They can also manage associated resources, timesheets, schedules, quotes, and expenditure. Project Managers do not have access to configuration settings or system-level options.


  • Procurement Manager: has access to all functionality within the Sourcing module, excluding configuration settings. This role supports full lifecycle management of procurement exercises in compliance with the Public Contracts Regulations and the Procurement Act 2023, including internal policy adherence. Users may create and manage requirements, contracts, categories, suppliers, and associated performance, expenditure, and contract records. They are authorised to publish questionnaires and statutory notices (e.g., via Find-a-Tender, CDP, Contracts Finder, and the public portal), manage clarification Q&A, oversee evaluation and moderation activities, and progress awards—subject to relevant authorisation controls.


  • Purchase Approver: has restricted access to approve requisitions submitted by users within their assigned teams or departments, in line with approved budget and/or spend thresholds. They may also receipt orders placed by other users, subject to their assigned permissions.


  • Contract Manager: has all the functionality available to a Procurement Manager user except for the option to create and publish notices, and also has access to the Sourcing functionality on Panacea Software to allow them to research, tender and manage contracts for which they are named as a Contract Manager.


  • Contributor: has restricted access to the Required Modules with no access to add projects, jobs, costs or specifications, and with no access to configuration options, charging, e-procurement or reports.


  • File Share: has access to specified documents folders only on those jobs in which they are involved.


  • Finance Officer: has restricted access to the Required Modules, tailored to their financial oversight responsibilities. This includes access to reports relating to budgets, commitments, expenditures, and revenue management. Finance Officers may manage P2P user exceptions, oversee supplier financial data and compliance records, and handle exception invoice imports and reconciliation. They may also view summaries of related jobs and projects, supporting financial control and audit readiness.


  • Asset Manager: has access to check, manage and approve assets, grant permission for their use, revoke permissions in case of opt-out, manage asset settings, rules and tags.


  • Press, Media or Stakeholder Manager: has full access to Panacea Reach module to manage, monitor and report on enquiries, subjects, releases, projects, tasks and media contacts.


  • T&I Administrator:  has access to settings and automated workflow for T&I booking management, can add jobs, costs and booking requests, and has access to T&I reports.

     

  • T&I Buyer:  has access to automated workflow for T&I booking management, can add jobs, costs, booking requests, and restricted access to T&I reports.


    Unlimited (FREE) Users

  • Authoriser: has restricted access to authorise requests and orders submitted by Client users within their assigned teams or departments, in accordance with configured authorisation workflows.

     

  • Asset approver: has restricted access to approve imported assets.

     

  • Asset library: has restricted access to the assets they have approval to use.

     

  • Buyer: has restricted access to the P2P Buyer Interface, enabling them to create, process, and receipt requisitions and purchase orders in accordance with configured approval workflows. Buyers can manage and monitor transactions but cannot approve or authorise orders unless explicitly granted those permissions.


  • Client: has restricted access to the Client Interface of Required Modules only.


  • Client Manager: has restricted access to the client interface of Required Modules and has restricted access to process orders placed by their teams/departments.


  • Client Admin: has restricted access to the client interface or Required Modules and can place orders on behalf of their teams/departments.


  • Evaluator:  has restricted access to evaluate and score bids from interested providers participating in e-procurement and tenders.


  • Interested Provider:  has restricted access to register interest in advertised opportunities. They can review tender documentation, review and ask clarification questions and answers on their interface. Here they can complete, save and submit responses to pre-tender research activity and tender opportunities.


  • Stakeholder: has restricted access to the Sourcing module with the option to view documents and suppliers, to create notifications for themselves and other stakeholders and comment on those Requirements on which they are named as a Stakeholder.


  • Supplier: has secure, restricted access to the supplier interface of the Required Modules. Suppliers can manage their organisation’s details, user accounts, pricing, compliance data, and documentation. They may submit performance data, respond to research and tender questionnaires, correspond with users, and manage quote requests and provisional enquiries. Additionally, they can accept orders, confirm deliveries, and submit invoices in accordance with Subscriber requirements.


  • T&I supplier: has restricted access to manage their appointments, bookings and calendar.


  • Timesheet User: has access to resource scheduler and timesheets to manage and record time on tasks and jobs allocated to them.

bottom of page