Primary Role: Business Administrator (BA)
Learning Focus: Learn
Where: Admin Portal

🧭Before You Start (Recommended)

Before reviewing roles and permissions in detail, make sure you understand where work happens in ANVL and what access unlocks each area.

👉 Review first: ANVL Access Overview: What Users Can See and Do

This context will make the role and permission models below significantly easier to apply correctly.

🎯Why This Matters

As a Business Administrator, you are responsible for organization-wide access strategy and governance.

Roles, account settings, and Special Rights determine:

Who can access ANVL and where they can work
Who can configure workflows and publish changes
Who can manage users, sites, and hierarchy

Incorrect setup can:

Block critical access
Over-grant authority
Impact live users, workflows, and reporting

📝How Roles and Permissions Work in ANVL

ANVL access is governed through three layers:

Roles – determine which ANVL areas a user can access
Group (Site) access – determines which sites’ data a user can see
Special Rights – grant advanced configuration and governance capabilities

Business Administrators manage all three primarily in the ANVL Admin Portal.

Roles vs. Special Rights

Roles control entry to ANVL areas (Workflows, Manager)
Special Rights control advanced actions (configuration, publishing, governance)

Roles alone do not grant administrative authority.

Account-Level User Settings (Not Roles or Special Rights)

Some user capabilities are controlled by account-level settings, not Roles or Special Rights.
These affect how users are managed and where they appear in the platform.

Can Modify User

Purpose: Enables site-level user management
Typically assigned to: Site-Level Admins

Grants access to the Users tab in ANVL Manager
Allows adding, modifying, activating, and inactivating users within assigned Groups
Does not grant Admin Portal access or organization-level authority

This setting supports day-to-day user administration at the site level.

Hidden User

Purpose: Allows technical access without operational visibility
Typically assigned to: IT administrators, technical support, implementation resources

Hides the user from:
- Assignments
- Live Feed filters
- Supervisor selection lists
Does not remove access to sites or configuration data

Common use cases:

IT support
Platform monitoring
Troubleshooting and configuration

Hidden users can access the platform but do not appear as operational users.

Account-level user settings (Can Modify User and Hidden) shown in the Admin Portal User Management view.

How Role Labels Appear Across ANVL

The same access is labeled differently depending on where you are working.

Access Purpose	Admin Portal Role Name	User Profile Label (ANVL Manager)
Complete workflows	TECH	ANVL Mobile
Review work and data	ADMIN	ANVL Web

Important:
TECH and ADMIN are system role names used in the Admin Portal.
Users typically recognize their access as ANVL Mobile and ANVL Web in ANVL Manager.

User profile showing Product Access labels for ANVL Mobile and ANVL Web.

User Management view showing system role labels TECH and ADMIN.

Common Roles and How Permissions Are Used (Org-Level View)

ANVL Job Role	Example Job Roles	Typical Responsibilities	Product Access	Profile Settings	Common Special Rights	Power BI Access
Business Administrator (BA)	EHS Director, Corporate EHS Manager, IT Admin	Own org-level setup, ensure consistency, manage access strategy and governance	ANVL Manager + ANVL Mobile	Hidden	Admin PortalWorkflow Management (as needed)	Recommended
Workflow Manager	EHS Program Manager, CI Lead	Create, maintain, and publish workflows and templates	ANVL Manager + ANVL Mobile		Workflow Management (Create / Edit / Publish as assigned)	Optional
Site-Level Admin	EHS Site Lead, Ops Admin	Manage users and access at assigned sites	ANVL Manager	Can Modify User	Can Modify User	Optional
Supervisor	Foreman, Crew Lead, Shift Supervisor	Review work, respond to interventions and stop-jobs	ANVL Manager + ANVL Mobile	Phone number + Manager access	None	Optional
Manager	Plant Manager, Ops Manager	Review dashboards, reports, and site activity	ANVL Manager		None	Common
Program Lead / Owner	Regional EHS Lead, Risk Manager	Analyze trends and monitor program performance	ANVL Manager (+ ANVL Mobile if completing workflows)		Insights AI	Common / Primary
Workflow / General User	Operator, Auditor, Contractor, Technician	Complete workflows and capture data	ANVL Mobile		None	No

Job titles vary by organization and industry. Assign access based on responsibilities, not title alone.

Special Rights

Special Rights extend capabilities beyond standard role access and are managed only in the Admin Portal.

Licensing Consideration (Important)

Some Special Rights may have licensing or contractual implications.
Before assigning Special Rights, review your Statement of Work (SOW) or confirm entitlements with your Benchmark Gensuite account team if you are unsure.

1. Super Admin

Access to the ANVL Admin Portal
Organization-wide user and Group management
Bulk create and bulk update actions

Grant sparingly due to organization-wide impact.

Admin Portal User Management showing Super Admin access and organization-level controls.

2. Workflow Management (Mobilize / Editor)

Workflow Management is a group of Special Rights that enable workflow design, editing, and publishing capabilities across Mobilize and Editor.

Depending on role needs, a user may be assigned one or more of the following Special Rights:

Create – Create new workflows using Mobilize AI
Edit – Edit existing workflow templates in Editor
View – View existing workflow templates
Delete Draft – Delete unpublished workflow drafts (organization-wide)
Publish – UAT – Publish workflows to Testing (UAT) Groups
Publish – All – Publish workflows to Testing and Production Groups

Important:

Delete Draft applies organization-wide, not at the site level.
Publishing to Production Groups has immediate operational impact and should be granted cautiously.