As a Business Administrator, you are responsible for organization-wide access strategy and governance. Roles, Group (Site) access, account-level settings, and Special Rights determine who can access ANVL, where they can work, and what advanced actions they can perform. Changes apply immediately and can impact live users, workflows, and reporting.

Before assigning roles or Special Rights, review ANVL Access Overview: What Users Can See and Do to understand how platform areas connect.

Answer

ANVL access is governed through three layers:

Roles – Determine which ANVL areas a user can access
Group (Site) Access – Determines which sites’ data a user can see
Special Rights – Grant advanced configuration, publishing, and governance capabilities

Business Administrators manage these primarily in the Admin Portal.

Roles control entry points (Workflows, Manager).

Special Rights control advanced authority (configuration, publishing, governance).
Roles alone do not grant administrative power.

👉 Review first: ANVL Access Overview: What Users Can See and Do

This context will make the role and permission models below significantly easier to apply correctly.

Steps

1. Understand Role Labels Across the Platform

The same access appears differently depending on where you are working.

Access Purpose	Admin Portal Role Name	User Profile Label (ANVL Manager)
Complete workflows	TECH	ANVL Mobile
Review work and data	ADMIN	ANVL Web

Important:
TECH and ADMIN are system role names.
Users typically recognize their access as ANVL Mobile and ANVL Web.

User profile showing Product Access labels for ANVL Mobile and ANVL Web.

2. Configure Account-Level User Settings (Not Roles or Special Rights)

These settings affect user visibility and management behavior.

Can Modify User

Enables site-level user management
Grants access to the Users tab in ANVL Manager
Allows adding, modifying, activating, and inactivating users within assigned Groups
Does not grant Admin Portal access

Hidden User

Allows technical access without operational visibility
Hides user from:
- Assignments
- Live Feed filters
- Supervisor lists
Common for IT support and implementation resources

Hidden users retain access but do not appear operationally.

Account-level user settings (Can Modify User and Hidden) shown in the Admin Portal User Management view.

User Management view showing system role labels TECH and ADMIN.

3. Assign Product Access and Group Scope

Assign access based on responsibility, not job title.

ANVL Job Role	Example Titles	Typical Responsibilities	Product Access	Profile Settings	Common Special Rights	Power BI Access
Business Administrator (BA)	EHS Director, Corporate EHS Manager, IT Admin	Own org-level setup and governance	ANVL Manager + ANVL Mobile	Hidden	Admin Portal; Workflow Management (as needed)	Recommended
Workflow Manager	EHS Program Manager, CI Lead	Create and publish workflows	ANVL Manager + ANVL Mobile	—	Workflow Management (Create/Edit/Publish as assigned)	Optional
Site-Level Admin	EHS Site Lead, Ops Admin	Manage users at assigned sites	ANVL Manager	Can Modify User	Can Modify User	Optional
Supervisor	Foreman, Crew Lead	Review work and respond to interventions	ANVL Manager + ANVL Mobile	Phone number required	None	Optional
Manager	Plant Manager, Ops Manager	Review dashboards and reports	ANVL Manager	—	None	Common
Program Lead / Owner	Regional EHS Lead, Risk Manager	Analyze trends and performance	ANVL Manager (+ ANVL Mobile if completing workflows)	—	Insights AI	Common / Primary
Workflow / General User	Operator, Technician	Complete workflows	ANVL Mobile	—	None	No