Limit Level 2 User Access to Third Parties
In Third-Party Screening & Monitoring, a Level 2 (L2) user's access to third party information is not restricted by default. L2 user access to third parties can be restricted by one of the following criteria:
-
Third Party Attributes (such as Branch/Division, Category, Internal Department, Region/Country, and Subsidiary/Parent)
-
User's Role (whether they are Owner and/or Approver of the third party)
For example, an organization may need tighter restrictions if they have multiple divisions in the same Region or Category, or they might need to restrict by Owner/Approver in consideration of data privacy issues.
To best fit your organizational needs, select one of the following criteria to restrict access:
| Criteria | Description |
|---|---|
| Third Party Attribute |
Select what third parties L2 users can access based on attributes such as Branch/Division, Category, Internal Department, Region/Country, and/or Subsidiary/Parent. This is the default option. |
| Owner | L2 users will only be able to access third parties for which they are Owner. |
| Approver | L2 users will only be able to access third parties for which they are Approver. |
| Owner or Approver | L2 users will only be able to access third parties for which they are either Owner or Approver. |
| Owner and Approver | L2 users will only be able to access third parties for which they are both Owner and Approver. |
To configure this setting:
- While editing a L2 user, for Is this user's access to Third Parties limited, click Yes.
- Click Next.
-
Select the desired option in which to restrict the L2 user's access.
Restrict by Third Party Attribute
Important: Not all third party attributes are active for all customers. Your selection of attributes that can be used to limit a L2 user's access is based on what is active and has been set up in your application's configuration.
- Select one or more attributes by which you will restrict third party access.
(Conditional) If you select more than one attribute, you will also be prompted to choose whether the user can access third parties that match Any or All of your selected attributes. See Logic Options below for a detailed explanation of the two options.
- For each selected attribute, a checked box indicates all available attribute options have been selected. Click
to expand the list and individually select attribute options. Only third parties associated with the selected attribute options will be accessible to the user. - Click Save.
Logic Options
To help explain the difference between Any or All when selecting multiple attributes, imagine that the following third parties exist in your system:
|
Name |
Category |
Region |
Country |
|
Third Party 1 |
Business Services |
Americas |
United States |
|
Third Party 2 |
Business Services |
Asia |
Japan |
|
Third Party 3 |
IT Services |
Asia |
Korea |
|
Third Party 4 |
Travel Services |
Europe |
Germany |
If you select Any (applying OR logic) and the criteria options you selected are the Business Services category and the Asia region, the user will have access to any third party who is either categorized as a Business Service or is located in Asia. Therefore, referring to the table above, this user would have access to Third Party 1 (Business Services category), Third Party 2 (Business Services category and Asia region), and Third Party 3 (Asia region).
If you keep the same criteria option selections and change to the second logic option—All (applying AND logic)—then the current user will have access to any third party who is both categorized as a Business Service and is located in Asia. In this case, the user would only have access to Third Party 2.
Restrict by Role
Important: For the Approver option to be available, a user must have "May be assigned as Approver" selected on the User Information tab in the Edit User page. Otherwise, this option will not appear and only the Owner option is available.
-
Select the specific Owner and/or Approver criteria by which you will restrict third party access.
In the example above, This user will be restricted to third parties for which they are either Owner or Approver. They must be one or the other in order to access the third party.
Note: For a L2 user with Owner and/or Approver restrictions, when creating a third party, the user will automatically populate as Owner and/or Approver since that permission is required for them to view the third party. They will not be able to edit the field(s).
-
Click Save.
Product Information
Copyright
Copyright © 2025 NAVEX Global, Inc. NAVEX Global® is a registered trademark/service mark of NAVEX Global, Inc. The NAVEX Global® logo is a trademark/service mark of NAVEX Global, Inc. Unauthorized use of NAVEX Global, Inc.’s trademarks/service marks is strictly prohibited without prior written permission from NAVEX Global, Inc.