User roles and permissions in OGSM

To view and edit a team's OGSM, users must be given access. This can be done in two ways:

  1. The team administrator adds the user as Administrator, Participant, Commenter, or Viewer to the team.
  2. The environment administrator adds the user to a user group that has access to one or more teams.

Read the article: Invite users for a team

Read the article: User groups

In this article, we provide several tips for setting up roles and permissions when using OGSM.

Note: For convenience, we'll refer to giving access to an OGSM below. Strictly speaking, users are given access to a team that contains one or more OGSMs.

Roles and permissions

What's actually the difference between roles and permissions? A role is a type of function. In a team, we have the following roles: Viewer, Commenter, Participant, and Administrator.

Each role has specific permissions to view or modify things. For example, a Viewer can only view the OGSM. A Viewer cannot modify anything. An Administrator, on the other hand, can modify everything and add users to the team.

The permissions are fixed for each role. Only for a Viewer can you set specific permissions. Read more in the article below.

Read the article: Overview of roles and permissions

Principles for setting up roles and permissions

Managing roles and permissions can quickly become complicated. Therefore, it helps to formulate a set of principles for user groups. Here are some suggestions:

  • Employee:
    • An employee is a Participant in the team where they participate in action review sessions and strategy review sessions. This way, the employee can prepare for the sessions and read the reports.
  • OGSM owner:
    • An OGSM owner (the team's manager) is an Administrator in the team they lead. This allows them to manage team members and make changes to the OGSM.
  • Process owner:
    • A process owner is an Administrator in the team where they facilitate the action review sessions and strategy review sessions.
    • Often there is a team of process owners (they are then called OGSM experts or OGSM champions). It can be useful to make process owners Administrator in their colleagues' OGSMs, so they can replace each other.
  • All employees:
    • All employees are Viewer in the organization's OGSM. This way, all employees can see which overarching plan they're contributing to.
    • Or: All employees are Viewer in all OGSMs of the organization. If you opt for complete transparency.
    • The platform administrator can configure what a Viewer can or cannot see in an OGSM. This way, you can hide the status of items (traffic lights), progress reports, actions, and/or comments.
    • We advise against making all users Participant or even Administrator in all OGSMs.
  • All employees within a division/department/business unit:
    • All employees are Viewer in the OGSM of the division/department/business unit.
    • Or: All employees are Viewer in all OGSMs of the division/department/business unit. If you opt for more transparency.

User groups

By setting up user groups, you can easily implement the established principles. We recommend the following groups:

  • Process owners
  • All employees. Tip: enable the 'Automatically add new users to this user group' checkbox. This way, a new user automatically has access to the OGSMs.
  • Employees of division/department/business unit A
  • Employees of division/department/business unit B, etc.

Additionally, you can create user groups for specific roles. For example, think of Business controllers who get access to all OGSMs at level 1 and 2.

Still need help? Contact Us Contact Us