Test And Accept
Features

Access Control

Managing who can view and edit your work

Access control lets you manage who can see and interact with your projects, statements of work, and other resources. You can grant different levels of access to team members, clients, and external collaborators, ensuring everyone has exactly the permissions they need.

What is Access Control?

Access control helps you:

  • Protect Sensitive Work: Keep confidential projects private
  • Enable Collaboration: Share resources with the right people
  • Control Permissions: Give different access levels to different users
  • Support External Stakeholders: Grant clients and partners limited access
  • Maintain Security: Track who has access to what
  • Set Time Limits: Grant temporary access that expires automatically

How Access Works

Two Types of Access

Organization-Level Access:

  • Automatic access for organization members
  • All members can see organization resources
  • Simplifies team collaboration
  • Managed through organization settings

Resource-Level Access:

  • Specific access to individual resources
  • Invite people to projects, SOWs, or RFCs
  • Works for users outside your organization
  • Can be granted, modified, or revoked anytime

Access Inheritance

Access flows down the hierarchy:

Project Access

Automatically includes access to:

All SOWs in that project

All items, criteria, and tests in those SOWs

Example:

  • Grant Jane "Editor" access to "Website Redesign" project
  • Jane automatically gets "Editor" access to all SOWs in that project
  • If you create new SOWs, Jane gets access automatically
  • Jane cannot access other projects unless explicitly granted

Five Access Levels

Owner

What they can do:

  • Full control over the resource
  • Edit all content
  • Delete the resource
  • Manage who has access
  • Grant access to others
  • Change any settings

When to use:

  • Project creators (automatically assigned)
  • Co-owners who share full responsibility
  • Admins who need complete control

Best for: Core team members driving the work

Editor

What they can do:

  • View and edit all content
  • Add work items, criteria, and tests
  • Update status and progress
  • Create new resources under this one
  • Invite viewers and followers
  • Cannot delete or manage access

When to use:

  • Team members actively working
  • Collaborators making changes
  • Contributors adding content

Best for: Your working team

Approver

What they can do:

  • View all content
  • Review and approve deliverables
  • Add comments and feedback
  • Request changes
  • Cannot edit the content directly
  • Cannot manage access

When to use:

  • Clients reviewing work
  • Stakeholders signing off
  • Managers approving decisions
  • Quality reviewers

Best for: Decision-makers who approve but don't edit

Viewer

What they can do:

  • Read-only access to content
  • See progress and status
  • View criteria and test results
  • Download documents
  • Cannot edit anything
  • Cannot add comments

When to use:

  • Observers monitoring progress
  • Stakeholders staying informed
  • Reference for related teams
  • Auditors reviewing work

Best for: Stakeholders who need visibility without changes

Follower

What they can do:

  • Receive notifications about changes
  • Basic visibility into status
  • See high-level progress
  • Cannot view detailed content
  • Cannot make changes

When to use:

  • Executives getting updates
  • Marketing team tracking launches
  • Support team monitoring releases
  • Anyone who needs alerts only

Best for: People who need to know when things change

Granting Access

Invite Users to a Resource

For Projects:

  1. Open the project

  2. Click "Share" or "Manage Access"

  3. Add people:

    • Enter email address or select from your organization
    • Choose multiple people at once

  4. Select access level:

    • Owner, Editor, Approver, Viewer, or Follower
    • Different people can have different levels

  5. Set expiration (optional):

    • Leave blank for permanent access
    • Set date for temporary access
    • Access automatically revokes on that date

  6. Add a personal message (optional):

    Hi Sarah,

I'm adding you to the Website Redesign project
so you can review progress and approve deliverables.

Thanks!

  7. Click "Send Invitation"

For SOWs, RFCs, and other resources: Same process

What Recipients Experience

If they have an account:

  • Receive email notification
  • Click link to view resource
  • Access immediately granted
  • Resource appears in their dashboard

If they don't have an account:

  • Receive email invitation
  • Click link to create account
  • Complete sign-up
  • Access granted after account creation

Alternative: Secure guest access (for SOWs):

  • No account required
  • Secure, unique link
  • Can view and approve
  • Time-limited access

Managing Access

View Who Has Access

  1. Open the resource
  2. Click "Access Settings" or "Sharing"
  3. See the list:
    • All users with access
    • Their access levels
    • When access was granted
    • Who granted it
    • Expiration dates (if any)

Modify Access Levels

Change someone's access:

  1. Open Access Settings

  2. Find the user

  3. Click their current access level

  4. Select new level:

    • Upgrade: Follower → Viewer → Approver → Editor → Owner
    • Downgrade: Owner → Editor → Approver → Viewer → Follower

  5. Click "Update"

Best practices:

  • Start with lower access and increase as needed
  • Don't give everyone Owner access
  • Use Viewer for stakeholders
  • Use Editor for active contributors

Revoke Access

Remove someone's access:

  1. Open Access Settings
  2. Find the user
  3. Click "Remove" or "Revoke Access"
  4. Confirm removal

What happens:

  • User immediately loses access
  • They receive notification (optional)
  • Resource disappears from their view
  • Their past contributions remain
  • Audit log records the revocation

Temporary Access

Grant time-limited access:

Use cases:

  • Contractors working for specific period
  • Client review during approval window
  • External experts providing input
  • Temporary team members

How to set:

  1. Grant access normally

  2. Set expiration date:

    • Choose date in the future
    • Example: "30 days from now" or specific date

  3. Click "Grant Access"

What happens at expiration:

  • Access automatically revoked
  • User receives notification (optional)
  • You receive notification that access expired
  • User can request extension if needed

Access Patterns

Team Collaboration

Your core team:

  • Organization members: Automatic Editor access
  • Project owners: Owner access
  • Active contributors: Editor access
  • Support roles: Viewer or Follower access

Setup:

  1. Assign project to your organization
  2. Team members get automatic access
  3. Grant Owner to co-leads
  4. Everyone collaborates seamlessly

Client Engagement

Client stakeholders:

  • Decision-makers: Approver access
  • Observers: Viewer access
  • Executives: Follower access
  • External team: Editor access (if collaborating)

Setup:

  1. Create project for client
  2. Don't add client to organization
  3. Grant Approver access to decision-makers
  4. Grant Viewer to stakeholders
  5. Use secure links for broad distribution

External Collaborators

Subject matter experts:

  • Contributing content: Editor access
  • Reviewing work: Approver access
  • Providing reference: Viewer access
  • Temporary involvement: Set expiration

Setup:

  1. Invite by email
  2. Grant appropriate level
  3. Set expiration date
  4. Remove when project completes

Multi-Organization Projects

Working across organizations:

  • Keep project in your organization
  • Grant resource-level access to external users
  • Different access levels per person
  • Maintain your organization's ownership

Setup:

  1. Project belongs to your organization
  2. Invite users from partner organizations
  3. They access via invitation, not org membership
  4. Both teams collaborate on shared resources

Access Audit and Compliance

Tracking Access

Every access change is logged:

Access audit log includes:

  • Who granted access
  • Who received access
  • What access level was granted
  • When it was granted
  • When it expires (if applicable)
  • Who revoked access (if applicable)
  • When it was revoked

Reviewing Access

Regular access reviews:

Monthly:

  1. Review who has access to active projects
  2. Remove access for departed team members
  3. Check for expired access that needs renewal
  4. Verify external collaborators still need access

Quarterly:

  1. Audit all access grants
  2. Ensure minimum necessary access
  3. Review inactive resources
  4. Clean up old access grants

Compliance

For compliance requirements:

  • Export access reports: Download audit logs
  • Demonstrate control: Show who has access to what
  • Track changes: Full history of access modifications
  • Set policies: Enforce access level rules
  • Automate expiration: Prevent indefinite access

Best Practices

Granting Access

Do:

  • Start with minimum necessary access
  • Use Viewer for stakeholders
  • Use Editor for active team
  • Use Approver for decision-makers
  • Set expiration for temporary access
  • Document why access was granted

Don't:

  • Give everyone Owner access
  • Grant higher access than needed
  • Forget to set expiration for contractors
  • Add external users to your organization
  • Grant organization-wide access casually

Managing Access

Do:

  • Review access regularly
  • Remove access promptly when not needed
  • Update access levels as roles change
  • Use inheritance (project → SOW)
  • Track who has access to sensitive work

Don't:

  • Let access accumulate indefinitely
  • Forget to revoke when people leave
  • Grant access and forget about it
  • Share owner credentials
  • Ignore access requests

Security

Do:

  • Use resource-level access for external users
  • Set expiration for temporary collaborators
  • Audit access regularly
  • Revoke access for departed team members
  • Use appropriate access levels

Don't:

  • Share login credentials
  • Give permanent access to contractors
  • Grant access to entire organization unnecessarily
  • Ignore security warnings
  • Skip access reviews

Troubleshooting

Can't Grant Access

Possible reasons:

  • You don't have Owner or Admin access yourself
  • User's email is incorrect
  • Resource doesn't support that access level
  • Organization policies prevent external access

Solutions:

  • Verify your own access level
  • Check email address spelling
  • Ask resource owner to grant access
  • Review organization policies

User Can't See Resource

Check these:

  • Access was actually granted
  • User is in correct organization (if org-level)
  • User logged in with correct email
  • Access hasn't expired
  • Resource wasn't deleted

Solutions:

  • Re-send invitation
  • Verify email address matches account
  • Check expiration date
  • Grant access again if needed

Wrong Access Level

To fix:

  1. Open Access Settings
  2. Find the user
  3. Change their access level
  4. Save changes
  5. Notify user of change

Access Denied Errors

Common causes:

  • You don't have permission for that action
  • Resource owner restricted permissions
  • Access expired
  • You're in wrong organization

Solutions:

  • Request higher access level
  • Contact resource owner
  • Check if access expired
  • Switch to correct organization

Users and Access

Organizations

Email Distribution

Commenting

Collaboration Features

Powerful features that enable teamwork and communication

Change Management

Track and understand what changed between versions