Inherited Security Rights

Options
Hi Everyone!

I hope all is well. Working on Security Rights on a database I inherited and I noticed that the Comptroller has "Supervisor Rights" and directors have "deleting" rights to All constituents and Gifts. I know that they need deleting rights for notes, and solicitor information. Please tell me that this IS NOT normal!


Thanks in advance! Take care, be safe and have a good day!


Thanks!

Lanetta

Comments

  • Lanetta,

    Nope, not normal.

    Only myself (DBA) and our head of IT have supervisor rights to RE, only a couple select folks have any rights for deletion, and it is for constituency codes or solicit codes. No one has the rights do any other deletions except supervisors.
  • Dariel Dixon 2
    Dariel Dixon 2 Community All-Star
    1,500 Likes Seventh Anniversary 1000 Comments Photogenic
    Do you have an integrated version of Financial Edge?  That might explain the comptroller.


    As far as normal, I don't know if its normal, but are you empowered to change it.  Bad practice or not, that's the decision (or culture) that exists.


    There's a lot of variables.  I'd give it the side eye, but I would ask questions about it before acting on it.
  • Hello everyone! 

    I hope all is well. Thanks for the suggestions and information! I greatly appreciate it!


    Each of your points are well taken. Since I've never worked at an organization that had Financial Edge and Raiser's Edge integrated until now, I just thought that it was "unusual" for the comptroller to have supervisor rights, for the reasons that some of you mentioned about the audit trail and deleting gifts. The plan is to ask more questions before taking action. Just wanted to inquire the community to find out what others do! :-) 


    Thanks again! Take care, be safe and have a good day!


    Thanks!

    Lanetta
  • No, this is definitely not normal and I would venture to say it's bad practice.  Our Finance department (I'm assuming your comptroller position lies there) only has viewing rights to RE and those are limited. We're a smaller organization (the advancement team is 8 people which includes our VP) and I am the only one with supervisor rights (along with the IT administrator).  I have given limited delete rights for others and I am the only one that can delete a constituent or a gift.  Deleting a constituent or a gift is extremely rare.  You can inactivate a constituent, or adjust/write off a gift.  You certainly want to leave an audit trail.

Categories