Trusting employees is the foundation of healthy working relationships. However, when it comes to access to finances, inventory balances, and commercial information, excessive trust can turn into a risk. Uncontrolled access to data creates conditions not only for deliberate manipulation, but also for accidental errors that can cause significant losses to a business.
The “Roles” system in Torgsoft is not a tool of distrust, but a fundamental framework for security, efficiency, and order. It allows you to clearly separate permissions, protect confidential data, and establish transparent rules for everyone. This article provides a clear minimum set of rules for configuring access for key employees to protect your business.
Main rule: “Deny everything, allow only what is necessary”
The fundamental security principle when configuring roles is not about restricting existing access, but about starting from scratch. For each position, you first block absolutely all functions and then grant permissions only for those operations that are critically necessary to perform job duties.
Follow the rule: deny everything, allow only the functions required for the position.
This approach minimizes the risk of human error, prevents unauthorized access to sensitive commercial data (such as purchase prices or overall financial totals), and protects the business from potential fraud. Even “just in case” access creates unnecessary vulnerabilities that should be avoided.
5 mandatory restrictions for a seller
The “Seller” role is the most critical to configure, since the seller works daily with customers, goods, and money. The list below is the mandatory minimum of restrictions for any retail business.
-
Prohibition of price changes. The seller must be prohibited from changing the Sales price in transactions and the Price list price. This prevents unauthorized discounts for “friends” or manipulations where the seller changes the price on the receipt to pocket the difference.
-
Hiding purchase prices and summary data. The seller should not see Purchase prices of goods or View summary data (for example, the total value of goods in stock). This information is a trade secret, and access to it for a regular employee is an unjustified risk.
-
Blocking manual entry of a discount card. A common fraud scheme is when a seller uses the discount card of a regular customer (whose code they know) for sales to other buyers and keeps the difference. To prevent this, configure the system so that the discount is applied only after scanning the physical card. It is also important to allow product returns only after scanning the original sales receipt to avoid fictitious return operations.
-
Restricting access to other accounting centers and cash registers. This restriction implements the key principle of personal responsibility. Each seller should have access exclusively to their own store (accounting center) and their own cash register (cash register). This approach not only prevents errors such as selling goods from another warehouse, but also significantly simplifies audits and clearly identifies responsibility if discrepancies are found.
-
Control over removing items from a receipt. There is a scheme where a cashier takes full payment from a customer and, after the customer leaves, removes one item from the receipt and keeps the cash. Torgsoft allows you to configure the process so that removing an item from a sale requires confirmation by a responsible person (responsible authorization), for example by scanning a manager’s badge or entering their password.
Continuous control tools
Role configuration is a preventive measure, while monitoring is diagnostic. When there is suspicion of incorrect actions or discrepancies, the built-in tools of Torgsoft form a clear investigation path. You start with a general overview to identify anomalies, and then dive into details to determine the causes.
-
User activity log. This is your first step in monitoring, allowing you to notice unusual patterns. For example, when a seller frequently opens forms not required for their work or receives many system errors. The key advantage of this log is the immutability of individual records. No user, not even the owner, can edit what has already been recorded in the log.
However, it is important to know: although records cannot be edited, they can be deleted for a certain period, for example when deleting statistics of closed periods. This makes the log a reliable witness of recent events, but highlights the importance of prompt incident investigation.
-
Document change log: who edited what? When the User activity log points to a suspicious user or time period, the Document change log becomes your tool for “drilling down.” This is the second, more focused stage of the investigation. Here you can examine a specific document (Receipt, Sale, Write-off) “under a microscope” and see who, when, and which fields were changed.
-
Closing periods and cash days — protection against backdated manipulation. This tool is the foundation that ensures the reliability of the previous two. Without closing periods, a dishonest employee can make changes to documents retroactively, complicating log analysis and allowing manipulations to be concealed. Regular closing of cash days and financial periods “cements” the data, making it immutable. This not only protects against fraud but also guarantees the accuracy of daily, weekly, and monthly financial reports that are critical for strategic business planning. Configure mandatory automatic cash day closing to ensure this process is fail-safe.
Control is not distrust, but the foundation of order
Properly configured roles and active monitoring are not about micromanagement or distrust of staff. These are basic business processes that create a secure, predictable, and efficient working environment. They protect the business from financial losses and honest employees from unfounded suspicion by creating a transparent and immutable record of all actions in the system.
Go back to the previous step