Explaining Administrator Permissions and Levels

Administrators can grant employees access to all or some administrative tools by granting full or partial administrative functions.

For example, if your company has remote offices, you can allow the regional onsite manager to reset employee passwords. There are several permission sections, each with a set of permissions. You can grant multiple employees administrative permissions for the entire section. Manage User is an example of an Administrator Permissions section.

Employees with administrative privileges have the Admin Center option in the Main Navigation drop-down menu. The Admin Center page only shows active links to administrative features for which the employee has permission.

You can also use administrative permissions to set granular control over administrator user access. This feature is ideal for companies with independent business structures where administrators are generally responsible for managing the system at only the region or division level. You can assign administrators to manage only a selected user population and only a selected group of administrator functions.

This approach creates three levels of administrators: Super Administrator, Security Administrator, and Administrator.

A super administrator is created in Provisioning, the back end of the SAP SuccessFactors system. The super administrator generally acts like a global administrator for your SAP SuccessFactors system, with full access to administrator activities and full access to manage Role-Based Permissions. Only a super administrator can make other users security administrators.

Security administrators are also global administrators responsible for managing permission roles and groups in the RBP framework. These administrators can grant users access to functionality in the Admin Center or general user pages.

An administrative user in SAP SuccessFactors Employee Central is a local user with access to the Admin Center and the functions therein.

Groups and their corresponding permissions are automatically updated when changes occur. For example, if you have assigned an administrator to oversee all departments in the company, and next month, the company adds a new department (Department X), your administrator automatically gains access to Department X because it is within his assigned group. (Previously, changes like this would have to be manually updated, meaning you would have to manually give each administrator permission to access the new Department X.)

• Administrators can grant employees access to all or some administrative tools by granting full or partial administrative functions. Employees with administrative privileges have the Admin Center option in the Main Navigation drop-down menu.
• You can also use administrative permissions to set granular control over administrator user access; you may want to set up multiple levels of administrators with access only to a select group of administrator functions or to manage a selected user population.

Based on the content in this section, please review the list of implementation decisions your company may need to make before implementation begins and discuss them with your stakeholders, project team, and SAP SuccessFactors implementation consultants. In this way, you will be better prepared to begin the implementation.

• What type of roles does your organization currently use?
• What types of access should these roles have to their own information? What access should these roles have to other employees’ information?
• What kind of groups would you like to set up?
• What permission groups would you like to create? What target groups would they have administrator permissions over?