Roles & Permissions FAQs

Roles and Permissions in KEBS define what each user can view, edit, and manage within the platform. This role based access control framework ensures that the right people have access to the right data and actions, protecting sensitive business information and enforcing governance across the organization.

To configure them, navigate to Settings > Roles & Permissions.

KEBS provides a set of predefined roles to address common organizational needs, including:

• Administrator: Full access to all modules and settings.
• Super User: Broad access with some restrictions on global settings.
• Manager: Access to team data, project tracking, and approvals.
• Employee: Access to assigned tasks, timesheets, and personal profile.
• Finance User: Access to billing, invoicing, and financial reports.
• Collaborator: Limited access to assigned projects and shared resources.

Yes. Administrators can create custom roles tailored to specific organizational requirements. Navigate to Settings > Roles & Permissions > Create Role, define the role name, and assign granular permissions across modules. Custom roles can then be applied to users like any predefined role.

KEBS supports granular, field level permissions. Administrators can control access to specific modules, sub modules, actions (view, create, edit, delete, approve, export), and even individual data fields such as salary, billing rate, and contract value. This level of granularity ensures precise governance.

Navigate to Settings > Team Members, select the user, click Edit Profile, and choose the appropriate role from the dropdown. Save the changes, and the new role takes effect immediately. Users may need to refresh their session to see the updated access.

Yes. KEBS supports multi role assignments where a user can be assigned more than one role to cover different responsibilities. For example, a user could be both a project manager and a finance approver. Effective permissions are determined by combining all assigned roles.

Permissions in KEBS span all five core modules: CRM, Deal Management, Resource Management, Project Management, Finance Management, and Ticket Management. Administrators can configure access to each module independently, ensuring users only see data relevant to their role.

Yes. Administrators can restrict visibility of sensitive fields such as employee compensation, deal value, customer revenue, project margins, and bank details. Only users with the appropriate role permissions can access this information, ensuring confidentiality.

Yes, if enabled by administrators. Collaborators can be granted permission to view and manage their own allocations under Settings > Resource Management. By default, only administrators and super users perform resource allocation, but this can be customized to meet organizational needs.

Dashboards and reports respect role based permissions throughout KEBS. Users see only the data they are authorized to view. For example, a project manager sees data for their projects, while a business unit head sees data across their entire business unit. This ensures consistent governance from operational details to executive views.

Yes. To save time, administrators can clone an existing role and modify it as needed. Navigate to Settings > Roles & Permissions, select the role, choose Clone, and update the permissions for the new role. This is especially useful for creating variations of similar roles.

Every permission change in KEBS is logged in the audit trail. Navigate to Settings > Security > Audit Logs to view who made what change, when, and to whom. This supports both internal governance and external compliance reviews such as ISO 27001 and SOC 2 Type 2 audits.

Yes. KEBS supports multiple administrators within an organization. The primary admin can grant role management permissions to other trusted users, allowing distributed governance while still maintaining oversight through audit logs.

When a user’s role is changed, their permissions update immediately. Any data, modules, or actions outside the new role’s scope become inaccessible. Historical data they previously created is retained for compliance, but visibility now follows the new role’s permission rules.

Yes. KEBS supports external user permissions, allowing customers or partners to access specific modules through controlled views. Permissions can be configured to allow customers to view project status, raise tickets, or interact with shared resources while restricting access to internal data.

Navigate to Settings > Roles & Permissions to view a list of all roles defined in your organization. Selecting any role displays its detailed permission matrix across modules, making it easy to review and refine access policies.

Yes. KEBS allows administrators to disable roles temporarily without losing the configuration. This is useful when a role is being restructured or paused. Disabled roles cannot be assigned to users until they are reactivated.

Yes. The KEBS role based access framework is designed to meet global enterprise security standards. KEBS is ISO 27001 certified, AICPA SOC 2 Type 2 compliant, and GDPR aligned, ensuring permission management meets stringent regulatory requirements.

KEBS supports automatic role mapping when SSO is enabled. Administrators can configure mapping rules so that users provisioned through identity providers such as Azure Active Directory, Okta, or Microsoft 365 are automatically assigned the correct KEBS role based on their group membership in the identity provider.

Getting started is simple. Request a demo through the KEBS website and our implementation team will guide you through role design, permission mapping, custom role creation, and integration with your identity provider. Most organizations complete role configuration within a few days with ongoing support from the KEBS team.