Setting User Permissions in an ERP or MRP System

User permissions can be tailored specifically for the company’s employee base so that the system can be optimized for maximum benefit.

You can also listen to this article:

Adopting a new ERP or MRP system for manufacturing can be an exciting and interesting time.  It can bring hope for better automation, improved analytics, and reduced workloads.  But the project must be done right and planned well to keep it from consuming and distracting from the manufacturing process.

Unfortunately, many organizations under plan the project in general and do not properly account for the need to respond quickly when implementation issues arise.  As a result, many tasks that should be intuitive as to their necessity are often forgotten or not planned out as well either, leading to problems during and after implementation.

One surprising aspect that can be overlooked or under planned is user permissions within a new system.  User permissions can make or break implementation projects and cause havoc if not done correctly.  Either the system is implemented, and users have too few permissions available to them and the system cannot reach its potential, or, users are allowed too many permissions risking the introduction of unnecessary data breaches as well as the integrity of the data input. 

You might also like an article about Building an ERP Implementation Team for Manufacturing.

Having a Clearly Defined Organizational Process

For any manufacturer, having a clearly defined organizational process is critical to the success of ERP/MRP implementation.  However, for small and medium-sized manufacturing companies, the move to a new ERP or MRP system may mean more than just changing software.  It may be the first real attempt to move to a unified platform and away from disparate systems and ad hoc software that worked together poorly if at all.  In these cases, simply allowing staff to do what they did in the piecemeal system may not be enough.

Even today, with so many options for planning and software implementation available, over 50% of all IT projects fail.  In these cases, approximately 45% of the failures are the result of process mistakes and 43% are the result of people’s mistakes.  A clearly defined organizational process will help build an environment where everyone is aware of their responsibilities and planning for system implementation can be developed to maintain this.  Steps to develop an adequate organizational process for implementation include:

• Review plans to ensure that objectives can be obtained, and goals met.
• Specify all tasks, no matter how tedious, that need to be undertaken to achieve objectives.
• Classify and distribute the work into achievable and manageable pieces for the team to accomplish.
• Delegate authority – no one manager can drive the entire process due to complexity.
• Manage changes as they occur to make sure that the scope of the project and its core intent do not creep.
• Communicate, communicate, communicate

Setting User Access Permissions

With the right organizational process in place, companies will be less likely to overlook proper user access permissions.  And that’s a good thing.  One study has shown that 44% of employees have access rights that do not relate to their current role.  It also shows that as much as 80% of employees access sensitive data out of curiosity.  This risks customer data and can impact business performance when out of control.

Here are some issues to consider when setting proper user access permissions:

• Be Aware of Default Permissions – Most platform service providers use defaults.  This is a necessary step because it is impossible to know exactly what level of permission will be required for each company.  It will depend on the manufacturer’s size, complexity, product, skill level, ownership arrangement, and many other factors.  It is assumed that the company will customize this and add or reduce permissions as part of their planning process.
• User-Based vs Role-Based Permission – Another key consideration for granting setting proper user access permissions is whether to use role-based vs user-based permissions.  It is possible to use either, or a combination of the two.
• User-based is a very detailed level of user permission where a login grants specific users’ access and permissions are set by an administrator.  This requires a deeper level of task planning at the outset, but it is very customized for specific needs and job functions.  For small and medium-sized manufacturers, it can also be a way to manage permissions by skillsets as more skilled employees on the system may have more access than less skilled.
• Role-based access permission grants broadly defined permissions to a specific role.  For example, those whose job title is “Purchasing Agent” may have the same permissions.  The same may be true of “Scheduler” or “Supervisor”.  It is easier to edit permissions as they are group level rather than individual. 
• Permissions by Department – Because a robust ERP/MRP system will engage many workers throughout a factory, it may require setting up role-based permissions by the department.  This gives front line manufacturing workers access to the system for the access or upload of critical information that may be needed by upstream administrative positions.  Conversely, it can offer real-time changes to BOMs, inventory levels, delivery times, and other key workflow information as it comes from scheduling or purchasing.  The access and permission for use by department allows this data to be moved through the system in real-time and managed in a way that optimizes the operation and reduces waste, improves delivery times, and eliminates overruns or shortages.
• Hierarchy of Permissions – Role-based permissions may also have a hierarchy of access depending on the size and complexity of the factory.  For example, a “Supervisor” may have access to certain labor tracking and labor management options but with limits, while a “Department Manager” who leads the supervisors may have a higher level of access.  The same goes for functions such as “Purchasing Agents” which commonly have dollar or volume limits with additional permission given to a “Senior Purchasing Manager” to approve higher limits.  Some ERP/MRP systems include the approval chain as part of the process on the assumption that access, and limits, will change as the request moves higher in the chain.  This helps make the system more efficient and flexible.
• User Experience and ‘Super-Users’ – Small and medium-sized manufacturers usually have skillsets that vary broadly.  They may also have staff members who wear many hats performing more than one core function at a time.  In these cases, using user-based permissions may benefit the company as it scales.  This may be based on experience with the system, the production, the manufacturing method, and complexity, or simply tenure within the organization.  By having such “Super-Users” with a high level of permission, a small and medium-sized manufacturer can tailor permissions based on those skillsets and trust levels.  It can also provide oversite, guidance, and training to junior staff members, or to new members, as the company scales.

A new ERP/MRP system implementation does not have to be a daunting project.  By having a clearly defined organizational process in place, manufacturers can ensure that proper planning is done prior to adoption to ensure that all tasks are accounted for.  And as the project gets underway, understanding the size, scope, scale, product, and complexity of the company can help manufacturers set user permissions tailored specifically to their company’s employee base so that the system can be optimized for maximum benefit.