Access grants

Access grants enable certain activities within PPM.

Overview of access grants

PPM comes with predefined access grants. Installing an Deployment Management Extension may introduce additional access grants. To see the list of the available access grants, see Predefined access grants.

In general, view access grants provide read-only access to screens and entities. Users who do not have a view access grant cannot see certain workbenches and windows.

Edit access grants typically enable a user to view, create, modify, and delete entities. For example, if you have the Edit Requests access grant, you can delete requests that you have created.

Edit Security Groups access grant

Any users with the Edit Security Groups access grant can add themselves to the PPM All Access Grants security group. This security group allows complete access to PPM. You cannot modify this security group to limit this ability.

If you want to assign a user the Edit Security Groups access grant but do not want to give the user the complete access, you can create a copy of the PPM All Access Grants security group, modify the copied security group to limit access to itself, and then disable the existing PPM All Access Grants.

To make a copy of the PPM All Access Grants security group and limit its access:

From the Security Group Workbench, select the PPM All Access Grants security group and click Copy.
Edit the copied security group as follows:
1. In the Ownership tab, set the ability to edit the copied security group.
2. In the Users tab, assign all users who are part of the PPM All Access Grant security group to the copied security group.
3. Make any additional updates to limit access to the security group.
4. Save your changes.
From the PPM All Access Grants security group, remove all users and save your changes.
Run the following SQL statement to disable the PPM All Access Grants security group:
Copy code
```
UPDATE knta_security_groups SET enabled_flag='N' WHERE security_group_id = 3;commit;
```
Restart the PPM Server.

Predefined access grants

The following table lists the predefined access grants and provides a description of each.

Category	Access Grant Name	Description
Config	Edit Activities	Modify activities in the Activities Workbench.
Config	Edit Notification Templates	Create, update, and delete notification templates in the Notification Templates Workbench.
Config	Edit Report Types	Create, update, and delete report types in the Report Types Workbench.
Config	Edit Special Commands	Create, update, and delete special commands in the Special Command Workbench.
Config	Edit User Data	Create, update, and delete user data definitions in the User Data Workbench.
Config	Edit Validation Values	Create, update, and delete validation values in the Validations Workbench.
Config	Edit Validations	Create, update, and delete validations in the Validation Workbench.
Config	Edit Workflows	Generate, update, and delete workflows in the Workflows Workbench.
Config	View Activities	View activities in the Activities Workbench.
Config	View Notification Templates	View notification template definitions in the Notification Templates Workbench.
Config	View Report Types	View report type definitions in the Report Types Workbench.
Config	View Special Commands	View special command definitions in the Special Command Workbench.
Config	View User Data	View user data definitions in the User Data Workbench.
Config	View Validations	View validations in the Validations Workbench.
Config	View Workflows	View workflow definitions in the Workflows Workbench.
Demand Mgmt	Access Request Query Builder	Use the request query builder on the Search Requests page.
Demand Mgmt	Change Request Type	Change the request type for existing requests.
Demand Mgmt	Edit All Contacts	Edit and delete contacts using the Contact Workbench.
Demand Mgmt	Edit All Requests	Perform advanced request processing actions. User always has permission to: Edit the request. Delete or cancel a request. User can: Override and remove any references on any request. Change the workflow when creating and editing a request.
Demand Mgmt	Edit Contacts	Create and update contacts in the Contact Workbench.
Demand Mgmt	Edit Demand	Access the Demand Management scheduling functions, the consolidated picture of demand, and all other Demand Management menu items related to scheduling or managing demand.
Demand Mgmt	Edit Request Header Types	Create, update, and delete request header types in the Request Header Types Workbench.
Demand Mgmt	Edit Request Types	Create, update, and delete request types in the Request Types Workbench.
Demand Mgmt	Edit Requests	Perform basic request processing actions. Allows the user to: Generate requests. Edit the request as specified on the User Access tab in the Request Type window. Delete the request as specified on the User Access tab in the Request Type window for requests that you have submitted. Cancel the request as specified on the User Access tab in the Request Type window. User cannot change the workflow when creating or editing a request.
Demand Mgmt	Import Request	Enables the user to have the access to import requests from XML files.
Demand Mgmt	Override Demand Mgmt Participant Restriction	Allows the user to review a request regardless of whether the user is allowed to view as defined on the request type's User Access tab.
Demand Mgmt	View All Contacts in Request	View all contacts in a request, even if a company is associated with the request.
Demand Mgmt	View Contacts	View the contact definition in the Contact Workbench.
Demand Mgmt	View Request Header Types	View request header type definitions in the Request Header Types Workbench.
Demand Mgmt	View Request Types	View the request type definition in the Request Types Workbench.
Demand Mgmt	View Requests	View requests in the Request Types Workbench.
Deployment Mgmt	Edit All Packages	Edit or delete any packages.
Deployment Mgmt	Edit All Releases	Create, edit and delete any release using the Releases Workbench. A user with this grant can: Create a release Be designated as the release manager in the Release window Edit or delete any release in PPM (regardless of the specified release manager in the Release Management window).
Deployment Mgmt	Edit Object Types	Create, edit, and delete object types in the Object Types Workbench.
Deployment Mgmt	Edit Packages	Perform the following basic package processing actions: Create, edit certain related packages. Delete certain packages that have not been submitted. To edit the package, user must be: The creator "Assigned to" user Member of the assigned group Member of the workflow step's security group User cannot delete a package if it has been released or if user is not the owner.
Deployment Mgmt	Edit Releases	Perform basic release processing actions in the Releases Workbench. A user with this grant can: View any release Be designated as the release manager Create releases Edit or delete any release that the user created Act on any distribution workflow steps where the user is included in the step security. Edit or delete a release that the user did not create (only if the user is designated as the release manager in the Release Management window).
Deployment Mgmt	Override Deployment Mgmt Participant Restriction	View detailed information on a restricted package for which the user is not an active participant.
Deployment Mgmt	Submit Environment Refreshes	Create and submit an environment refresh in the Env Refresh Workbench.
Deployment Mgmt	View Environment Refreshes	View environment refresh definitions in the Env Refresh Workbench.
Deployment Mgmt	View Object Types	View object type definitions in the Object Types Workbench.
Deployment Mgmt	View Packages	View packages in the standard interface or the Package Workbench.
Deployment Mgmt	View Releases	View release definitions in the Releases Workbench. Act on any distribution workflow steps that include the user in the step security.
Environments	Edit Environments	Create, update and delete environments in the Environment Workbench.
Environments	View Environments	View environment definitions in the Environment Workbench.
Financial Mgmt	Edit Actuals on All Financial Summaries	Allows the user to edit actuals of and create snapshots for all financial summaries in the system.
Financial Mgmt	Edit Actuals on Financial Summary	Allows the user to edit the actuals of and create snapshots for the financial summary. The user must also have the following: Edit Costs access right on the Configure Access page of the financial summary. View Costs access right on the Configure Access page of the financial summary.
Financial Mgmt	Edit All Financial Benefits	Allows the user do the following: Edit financial benefits (add, update, and delete benefit lines) of all financial summaries in the system. Take and view snapshots of all financial summaries in the system. Edit financial benefits of all financial data tables of all requests in the system. The user must also have access to view the financial summary's costs or the financial data table's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	Edit Approved Budget	Allows the user to edit the approved budget of the financial summary. The user must also have the following: Edit Approved Budget access right on the Configure Access page of the financial summary. Access to view the financial summary's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	Edit Approved Budget on All Financial Summaries	Allows the user to edit approved budgets of all financial summaries in the system. This access grant should be used in conjunction with the View Costs on All Financial Summaries or the Edit Costs on All Financial Summaries access grant.
Financial Mgmt	Edit Cost Rate Rules	Create, edit, and delete cost rate rules.
Financial Mgmt	Edit Cost Security	Allows the user to add and delete users and security groups and change their access rights on the Configure Access page of the financial summary or the request's financial data table. (For a project, also allows the user to select cost participants in the Project Security policy in Project Settings.) The user must also have the following: Edit Security access right on the Configure Access page of the financial summary or the financial data table. Access to view the financial summary's costs or the financial data table's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	Edit Cost Security on All Financial Summaries	Allows the user to edit cost security of all financial summaries and all financial data tables in the system.
Financial Mgmt	Edit Costs on All Financial Summaries	Allows the user to do the following: Edit forecast and actual costs (add, update, and delete cost lines) of all financial summaries in the system. Take and view snapshots of all financial summaries in the system. Edit the Name and Description fields in the Summary section of all financial summaries in the system. Edit the financial summary settings of all financial summaries in the system. Edit forecast and actual costs (add, update, and delete cost lines) of all financial data tables of all requests in the system. Edit the Name and Description fields in the Summary section of all financial data tables of all requests in the system.
Financial Mgmt	Edit Costs on Financial Summary	Allows the user to do the following: Edit forecast and actual costs (add, update, and delete cost lines) of the financial summary. Take and view snapshots of the financial summary. Edit the Name and Description fields in the Summary section of the financial summary. Edit the financial summary settings. Edit forecast and actual costs (add, update, and delete cost lines) of the request's financial data table. Edit the Name and Description fields in the Summary section of the request's financial data table. The user must also have the Edit Costs access right on the Configure Access page of the financial summary or the financial data table.
Financial Mgmt	Edit Financial Benefits	Allows the user to do the following: Edit financial benefits (add, update, and delete benefit lines) of the financial summary. Edit financial benefits of the request's financial data table. The user must also have the following: Edit Benefits access right on the Configure Access page of the financial summary or the financial data table. Access to view the financial summary's costs or the financial data table's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	Edit Financial Exchange Rates	Create and update financial exchange rates.
Financial Mgmt	Edit Work Plan Cost Data	Edit cost data related to tasks, projects, programs, resources and skills. The user must also have access to edit these entities.
Financial Mgmt	Manage Cost Factors	User can reprioritize, add, or remove cost factors.
Financial Mgmt	Set a Financial Summary Snapshot as the Plan of Record	Allows the user to specify a snapshot in the list of financial summary snapshots as the Plan of Record. The user must also have the following: Set Plan of Record access right on the Configure Access page of the financial summary. Access to view the financial summary's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	Set Plan of Record on All Financial Summaries	Allows the user to specify a snapshot in the list of snapshots as the Plan of Record, for any financial summary in the system.
Financial Mgmt	View All Financial Benefits	Allows the user to do the following: View financial benefits of all financial summaries in the system. View financial benefits of all financial data tables of all requests in the system. The user must also have access to view the financial summary's costs or the financial data table's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	View Cost Rate Rules	View cost rate rules on the Cost Rate Rules page.
Financial Mgmt	View Costs on All Financial Summaries	Allows the user to do the following: View forecast and actual costs, approved budgets, and cost forecasts on snapshots of all financial summaries in the system. View forecast and actual costs of all financial data tables of all requests in the system.
Financial Mgmt	View Costs on Financial Summary	Allows the user to do the following: View forecast and actual costs, approved budgets, and cost forecasts on snapshots of the financial summary. View forecast and actual costs of the request's financial data table. The user must also have the View Costs access right on the Configure Access page of the financial summary or the financial data table. Note: The View Costs access right is automatically given to the cost participants of the lifecycle entity that is the current parent of the financial summary.
Financial Mgmt	View Financial Benefits	Allows the user to view financial benefits of the financial summary or the request's financial data table. The user must also have the following: View Benefits access right on the Configure Access page of the financial summary or the financial data table. Access to view the financial summary's costs or the financial data table's costs (see the View Costs on Financial Summary access grant in this table).
Financial Mgmt	View Financial Exchange Rates	User can view financial exchange rates.
Financial Mgmt	View Project, Program, and Time Sheet Cost Data	View cost data related to tasks, projects, programs, resources, and skills. The user must also have access to view these entities.
PMO	Create Programs	When combined with the Edit Programs access grant, the user can create a program.
PMO	Edit All Programs	Create and edit any program.
PMO	Edit Programs	Program manager having this access grant can create and edit a program.
PMO	View Programs	View program definitions.
PMO	Delete Programs	When a user can edit a program and have this access grant, the user can delete a program.
PMO	View Program Type	View program types.
PMO	Edit Program Type	Create, edit and delete program types. Editing can be further restricted through ownership controls defined in the program type.
Portfolio Mgmt	Configure Portfolio Management	Allows users to do the following: On the Configure Portfolio and Scenario Comparison Options page, select which PFM request fields are made available for users to view in the Proposals/Projects/Assets tab of hierarchical portfolios and in the Scenario Content table of scenario comparisons. On the Configure Portfolio and Scenario Comparison Options page, set categorization preferences for scenario comparisons. On the Configure Portfolio and Scenario Comparison Options page, set financial metrics for portfolios. Configure the scoring key for proposals/projects/assets.
Portfolio Mgmt	Edit All Portfolios	Allows the user to do the following: View the portfolio hierarchy View all portfolios in the system Create new portfolios Delete empty portfolios Edit all portfolios in the system, including changing portfolio names, adding and removing portfolio managers, and editing portfolio access rights on the Configure Access page View and edit the Analyze Current Portfolio page and the following portlets: Capitalized Project Breakdown Capitalized Project Timelines Current Portfolio Map Impairment Risks Portfolio by Category Resource by Category Total Exposure Create and edit business objectives
Portfolio Mgmt	Edit All Scenario Comparisons	View, edit, and delete any scenario comparisons in the system, and create new scenario comparisons.
Portfolio Mgmt	Edit Portfolio	Allows the user to do the following: View the portfolio hierarchy. View the portfolios for which the user also has the View Portfolio or Edit Portfolio access right on the Configure Access page. Edit the portfolios for which the user also has the Edit Portfolio access right on the Configure Access page. However, having the Edit Portfolio access grant and the Edit Portfolio access right is not sufficient to allow the user to edit a portfolio's access rights or portfolio managers. Be available for selection in the Portfolio Manager auto-complete field in all portfolios. Then, if selected as a portfolio manager for a portfolio, the user can edit that portfolio and specify other portfolio managers for that portfolio. Be available for addition to the Configure Access page to be given the View Portfolio and Edit Portfolio access rights.
Portfolio Mgmt	Edit Scenario Comparison	Allows the user to view, edit, and delete any scenario comparison for which the user is on the specified Edit list, and can create new scenario comparisons.
Portfolio Mgmt	View All Portfolios	Allows the user to do the following: View the portfolio hierarchy View all portfolios in the system View and edit the Analyze Current Portfolio page and the following portlets: Capitalized Project Breakdown Capitalized Project Timelines Current Portfolio Map Impairment Risks Portfolio by Category Resource by Category Total Exposure
Portfolio Mgmt	View Scenario Comparison	Allows the user to view any scenario comparison for which the user is on the specified View or Edit list.
Portfolio Mgmt	Manage KPIs	Allows users to add and modify KPIs.
Project Mgmt	Create Projects	Create projects through the standard interface. The user must have one of the following access grants: Project Mgmt: Edit Projects Project Mgmt: Edit All Projects
Project Mgmt	Edit All Projects	Edit all projects, even if the user does not otherwise meet the participant restrictions on the project. This includes the ability to perform functions reserved for the project manager.
Project Mgmt	Delete Projects	Delete projects that do not have actuals logged. The user must also have the Project Mgmt: Edit Projects access grant and be assigned as a project manager on the project, or have the Project Mgmt: Edit All Projects grant.
Project Mgmt	Delete Projects with Actuals	Delete projects, even if actuals have been logged. The user must have the Project Mgmt: Delete Projects and associated access grants.
Project Mgmt	Edit Project Types	Create, edit and delete project types. Editing can be further restricted through ownership controls defined in the project type.
Project Mgmt	Edit Projects	Edit projects and work plans. If the users is editing project-level fields and the project process, any security defined on the project process request type and workflow is enforced. Note: Some functions are limited to the project managers for the project. These are: Modify settings Modify participant groups Override the overall project health Create, edit, schedule, or delete the project work plan Create the project staffing profile from the project overview page (also requires access grants for this entity) Create, delete, and set the active work plan baselines (requires additional grants) Delete projects (requires additional grants)
Project Mgmt	Edit Work Plan Templates	Create and edit work plan templates. Editing can be further restricted through ownership controls defined in the work plan template.
Project Mgmt	Manage All Work Plan Baselines	Create, update, delete, and set work plan baselines active for any project the user can view, even if the user is not a project manager for the project.
Project Mgmt	Manage Work Plan Baselines	Create, update, delete, and set work plan baselines as active. The user must also be the project manager for the project and have either the Edit Projects access grant, or the Edit All Projects access grant.
Project Mgmt	Synchronize Work Plans	Integrate work plans between Microsoft® Project and PPM.
Project Mgmt	View All Projects	View all projects, even if the user does not otherwise meet the participant restrictions on the project. Also allows the user to add projects to programs including projects that the user is not a participant.
Project Mgmt	Update Tasks	Allows assigned resources to update their work plan tasks through the My Tasks portlet.
Project Mgmt	View Project Types	View project types.
Project Mgmt	View Projects	View projects for which the user meets defined participant restrictions.
Project Mgmt	View Work Plan Templates	View work plan templates.
Resource Mgmt	Create Resource Pools	Create resource pools using the standard interface. The user must have one of the following access grants: Resource Mgmt: Edit Resource Pools Resource Mgmt: Edit All Resource Pools
Resource Mgmt	Create Staffing Profiles	Create staffing profiles using the standard interface. The user must have one of the following access grants: Resource Mgmt: Edit Staffing Profiles Resource Mgmt: Edit All Staffing Profiles
Resource Mgmt	Delete Staffing Profiles	User can delete a staffing profile as long as no actuals are specified.
Resource Mgmt	Delete Staffing Profiles with Actuals	User can delete any staffing profile in the system.
Resource Mgmt	Edit All Resource Pools	Edit or delete any resource pool.
Resource Mgmt	Edit All Resources	Edit the resource information for any resource defined in PPM.
Resource Mgmt	Edit All Roles	Create, edit, and delete all roles defined in PPM.
Resource Mgmt	Edit All Skills	Create, edit, and delete all skills defined in PPM.
Resource Mgmt	Edit All Staffing Profiles	Allows the user to edit or delete any staffing profile in the system.
Resource Mgmt	Edit Entire Organization	Edit and delete any organization unit.
Resource Mgmt	Edit My Calendar	A user who also has the View All Resources access grant can edit his or her own calendar information.
Resource Mgmt	Edit Only Organization Units That I Manage	Edit organization unit information for units that list the current user as the manager in the View Organization Unit page. Also delete any of these organization units.
Resource Mgmt	Edit only resources that I manage	Edit resource information for resources that list the current user as the Direct Manager. A resource's Direct Manager is displayed on the View Resource page.
Resource Mgmt	Edit Regional Calendars	Create, edit, and delete regional calendars defined in PPM.
Resource Mgmt	Edit Resource Pools	Edit resource pool information if the user has been granted edit access on the Configure Access for Resource Pool page. Delete these resource pools if given sufficient access on the Configure Access for Resource Pool page for that resource pool.
Resource Mgmt	Edit Staffing Profiles	Edit staffing profile information if the user has been granted edit access on the Configure Access for Staffing Profile page. Delete these staffing profiles if given sufficient access on the Configure Access for Staffing Profile page for that staffing profile.
Resource Mgmt	Edit Regions	Create, edit, and delete all regions defined in PPM. The user must also have the Configuration license to use this grant.
Resource Mgmt	Promise Unspecified Resources	Add, assign, modify, and remove promised allocations.
Resource Mgmt	Update Staffing Profile Status	Change the Staffing Profile Status value on the Change Staffing Profile Header page. To use this grant, the user must also have either the Edit Staffing Profiles or Edit All Staffing Profiles grant.
Resource Mgmt	View All Resource Pools	View resource pool information for all resource pools.
Resource Mgmt	View All Resources	View the resource information page for any resource defined in PPM.
Resource Mgmt	View All Resource Pools Cost	The user can view the cost charts in all the teams
Resource Mgmt	View Resource Pool Cost	The user can view the cost chart in the associated team of the resource pool where you have the View Cost right.
Resource Mgmt	View All Roles	View all roles defined in PPM.
Resource Mgmt	View All Skills	View all skills defined in PPM.
Resource Mgmt	View All Staffing Profiles	Allows the user to view any staffing profile in the system.
Resource Mgmt	View my personal resource info only	View only the user's own resource information page.
Resource Mgmt	View Only Resources That I Manage as a Direct Manager	View the resource profiles for resources whose direct manager is the current user.
Resource Mgmt	View Only Resources That I Manage in My Resource Pool	View the resource profiles for resources in a resource pool whose resource pool manager or parent resource pool managers is the current user.
Resource Mgmt	View Organization	View the organization model and organization unit detail pages.
Resource Mgmt	View Regional Calendars	View all regional calendars defined in PPM.
Resource Mgmt	View Regions	View all regions defined in PPM.
Resource Mgmt	View Resource Pools	View resource pool information if the user has been granted view access on the Configure Access for Resource Pool page.
Resource Mgmt	View Staffing Profiles	View staffing profile information if the user has been granted view access on the Configure Access for Staffing Profile page.
Server Tools	Restart/Shutdown Server from Administration Console	Restart or shutdown PPM Server nodes from Administration Console.
Sys Admin	Configure Default Page	Configure the default page.
Sys Admin	Configure Modules	Create, edit, and delete modules on Module Configuration in the PPM Dashboard page. View and set the default dashboard on the Set Default Dashboard in the PPM Dashboard page.
Sys Admin	Distribute Modules	View, publish, and distribute modules, pages and portlets to PPM Dashboards on the Distributing Modules Dashboard page.
Sys Admin	Edit Security Groups	Create, update, and delete security groups in the Security Groups Workbench. The user must also have the Edit Users access grant. Assigning this access grant allows the user to assign himself to the PPM All Access Grants security group, giving him complete access to PPM. If this complete access is not desired, see Edit Security Groups access grant for information on how to control this access.
Sys Admin	Edit Services Schedules	User can modify any scheduled services in the system.
Sys Admin	Edit Users	Create, update, and delete users in the Users Workbench.
Sys Admin	Manage Translations	User can run the `kExportAttributes.sh` and `kImportAttributes.sh` translation scripts.
Sys Admin	Migrate PPM Objects	Migrate configuration objects (such as workflows and request types) using the Migrators.
Sys Admin	Server Administrator	Log on to the application when the server is started in restricted mode.
Sys Admin	Server Tools: Execute Admin Tools	Stop the PPM Server by using `kStop.sh` when you enable authentication with the REMOTE_ADMIN_REQUIRE_AUTH `server.conf` parameter set to `true`, send messages through `kWall.sh`, execute administration reports in the Admin Tools window in the Server Tools Workbench. Let the user access the Administration Console and the server tools.
Sys Admin	Server Tools: Execute SQL Runner	Enables the SQL Runner menu in the Administration menu and lets the user run SQL queries. Without this access grant, the SQL Runner menu is invisible. Also lets the user view the Admin Tools window in the Server Tools workbench.
Sys Admin	Server Tools: Execute File Browser	Enables the File Browser menu Browse PPM Server files in the Administration Console and lets the user browse and download PPM Server files. Without this access grant, the File Browser menu is invisible.
Sys Admin	Synchronize Meta Layer	Perform reporting meta layer synchronizations using the Report Types Workbench.
Sys Admin	View Security Groups	View security group definitions in the Security Groups Workbench.
Sys Admin	View Server Tools	View the Admin Tools window in the Server Tools Workbench.
Sys Admin	View Services Schedules	User can view any scheduled services in the system.
Sys Admin	View Users	View user definitions in the Users Workbench.
System	Edit Dependent References	Create and edit dependency relationships between entities and their references. Bypass a request's dependency relationships.
System	Edit Portlet Definition	Create, edit, and delete portlets in the Portlets Workbench.
System	Edit All Reports	Use the Reports Workbench to delete any submitted report.
System	Open Workbench	User can start the PPM Workbench.
System	Override Document Check Out	Override document check out.
System	Override Key Fields Segmentation	View all information contained in restricted key fields. Key fields include: Resource and Resource Group fields in Project Management tasks Assigned User, Assigned Group, and Contacts fields in Demand Management requests Assigned User and Assigned Group fields in Deployment Management packages
System	Ownership Override	Access and edit all configuration entities even if the user is not a member of one of the entity's ownership groups.
System	Submit Reports	Submit reports in PPM.
System	View Portlet Definition	View portlet definitions in the Portlets Workbench.
Time Mgmt	Approve Time Sheets	Approve or reject time sheets if the resource is a direct report or if the time sheet has been delegated to the user.
Time Mgmt	Lock Time Sheets	Lock time sheets when they are not cancelled, frozen, or closed.
Time Mgmt	Close Time Sheets	Close or freeze time sheets if the resource is a direct report or if the time sheet has been delegated to the user.
Time Mgmt	Edit Charge Codes	Create, modify, and delete charge codes in the Charge Codes Workbench.
Time Mgmt	Edit Override Rules	Create, modify, and delete override rules in the Override Rules Workbench.
Time Mgmt	Edit Time Sheet Policies	Create, modify, and delete time sheet policies in the Time Sheet Policy Workbench.
Time Mgmt	Edit Time Sheets	Edit time sheets if the resource is a direct report or if the time sheet has been delegated to the user.
Time Mgmt	Edit Work Allocations	View and edit work allocations. The user can also close or delete allocations the user created.
Time Mgmt	Edit All Work Allocations	View, edit, delete, and close any work allocation.
Time Mgmt	View All Time Sheets (Summary Info Only)	View only summary info for all time sheets.
Time Mgmt	View Charge Codes	View charge code definitions in the Charge Code Workbench.
Time Mgmt	View Override Rules	View override rules in the Override Rules Workbench.
Time Mgmt	View Time Sheet Policies	View time sheet policies.
Time Mgmt	View Time Sheets	View time sheet information for a user.
Time Mgmt	View Work Allocations	View work allocations in Time Management.