E-Commerce Role Based Access Control Management

Setting up E-Commerce Role Based Access Controls

Safeguarding your business assets is imperative and the segregation of duties can help you achieve better internal controls. This blog post further examines role based access control management from the e-commerce perspective. We will review the setup of the store manager for an e-commerce system.

Review E-commerce Store Manager Setup

For the purpose of this sample setup, the store manager will have functionality to oversee and perform all transactional data and reporting. The store manager will not be setup for system settings which includes making changes to tax rules and payment gateways. In addition, the store manager will not be permitted to delete any records.

1. Select Store Access including Orders, Coupons and Reports


Setup settings and system status are not required for our store manager to do his/her job. Restricting these features safeguards and controls payment gateways, tax rules, shipping calculations, and much more. Disallowing the setting options mitigates risk by removing the potential opportunity to make changes to features outside of the mangers role.


2. Review Product Setup Options and Ensure No Restrictions Exist


All options under the products tab are made available based on the manager's role configuration and company policy.


3. Review Additional Product Options


The above features will provide additional settings that will help the store manager increase sales through functions like product specific Search Engine Optimization and on-page sharing. Therefore, these product options will not be restricted to the store manager.


2. Review All Other Settings


By default, the above list of functionality comes with all options enabled. Under our configuration, we will make some changes to the store manager's role by removing functionality. We will remove all deletion capabilities to ensure that all data is available for audit purposes. Other roles such as purchaser and inventory manager can be configured to ensure duties are segregated. Using IT system controls is an effective way of enforcing segregation of duties and internal controls policies.


gmb checklist small 175
Ready to Give Your Company a Serious Boost?
Instantly download our in-house checklist to discover how we setup, optimize, and maintain top-performing Google Business Profiles every day!
Yes, I Want My Free Google Checklist Now
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram