Security / Authorization can be specified at multiple levels in the system. The most common way to restrict access is by assigning users to groups and then assigning groups to applications, lists and processes.


If a user, has access to an Application then the system shall assume that they have access to all Lists and Processes under that Application (unless those Lists and Processes are restriced themselves)

 

If a user does not have access to an application then they shall not be able to view any data under that application.


Location level security can be used to further restrict user access to individual documents/electronic records. See the Locations section of the help guide for more information.