Administrators often need to share access to reporting with key stakeholders. In this article, we'll explain how the security model ensures that Users with access to reporting will only see the right data in reporting.
We'll cover:
- What is a security model?
- Reporting permissions in a nutshell: What Users see in Learn and Perform reporting
- Access and options with saved Views in reports
- Reporting views for people managers and Group administrators
What is a security model?
The Security Model is a safety net. It ensures that Users given access to reporting or to Learn admin, do not see more data than they should.
At the highest level, there will be Users who can see everything. In Learn, they will typically be LMS Administrators. They see all data and can run the LMS for the entire organisation. In Perform, they will be Perform Administrators.
For other roles, the view of data in Learn reports and the view of data in Perform reports is more restricted.
In the below example, both an LMS admin and a Manager can view the Learning progress report. But their view of the data is different:
Note that it is also possible to give a User access to ALL data, should that be required - even if the security model would otherwise restrict that.
See Give a User permission to access Reporting and Analytics to learn how to give Users access to reporting and How to give access to ALL reporting data.
Reporting permissions in a nutshell: What Users see in Learn and Perform reporting
When viewing a report, a User's access to data is limited based on their LMS/Perform role.
| View of Learn reports | View of Perform reports | |
| User | Will only see data for themselves | Will only see data for themselves |
| Line Manager | Will only see data for themselves and their team | Will only see data for themselves and their team |
| Group Administrator | Will only see data for themselves and their team (if they have one) and members of any Group they Administrate | Will only see data for themselves and their team (if they have one) |
| LMS Administrator | Will see data for all Learn Users | Will only see data for themselves and their team (if they have one) |
| Perform Administrator | Will only see data for themselves and their team (if they have one) | Will see data for all Perform Users |
View LMS Roles and responsibilities 101 for more about LMS roles.
There are three permissions that can be set in Manage Users which impact the actions that a user can take within the Reporting tool:
View Reporting
This allows the user to access the reporting application and view all reports (although the data within them will be controlled by other factors, as described above).
Edit Reporting
This allows the user to access the reporting application, view and edit all reports (although the data within them will be controlled by other factors as described above), create and edit Saved Views and report Reminders, organise folders, and create/edit user-created reports.
Data Connector
Allows the user to access the data connector tool, to configure SFTP transfer of datasets.
View Give a User permission to access Reporting and Analytics to find out more.
Access and options with saved Views in reports
When a User is given access to a Fixed or User-created report, they will see all saved Views. However, the security model restricts the user's view of the data in any report. This may mean that when selecting a saved View, the User does not see any results.
Note that Users must have the 'Edit' permission to:
- Create a saved view
- Create / Edit a report reminder
The security model and shared report Views
The security model also applies if a link to view a report is shared with a stakeholder. Even if the person who shares the link can see data for 1,000 people, the User who receives the link will have a different view of the data - controlled by the security model.
Reporting views for people managers and Group administrators
Here are some examples of users who may have access to reporting, with a limited view of the data.
People managers
A people manager might have a team of 10 people. The Security Model also ensures that if the manager has access to Learn admin, they see only those ten people in the list of Users.
Therefore, when the manager logs into reporting they will see all the reports, but in those reports, they will ONLY see data for their team (more accurately, members of their Primary Group).
Group administrators
The Group administrator option allows Users who do not have/require full LMS Administrator access or Manager-level access to reporting to share report access.
When a Group administrator is given access to reporting, they will see all the reports, but in those reports, they will ONLY see data for Users who are members of the Group(s) of which they are a Group administrator.
For example, an organisation with Groups based on geographical regions (North, West, East, South) may wish to grant a regional administrator access to reporting for their region without assigning them full LMS Administrator privileges.
In this scenario, the regional administrator can be designated as a Group Administrator. This allows them to view reports containing data for all members of the specific regional Group for which they are an Administrator.
Discover more about reporting with Power BI
Looking for quick answers? Check out FAQ, Reporting and Analytics with Power BI, packed with over 100 common questions and links to in-depth resources.
If you're new to reporting with Power BI, Reporting and analytics 101 introduces the fundamentals to help you get started. For a deeper dive, the short Academy Course Five must-know features explores these key topics in more detail and serves as the starting point for the Get Started: Reporting and analytics with Power BI course.
You can also join our regular Ask Me Anything: Reporting live events - come along and ask your question directly to our panel of experts.
Don't have your Academy account yet? Contact your Customer Experience Manager or the Support Team to sign up today.
Comments
0 comments
Please sign in to leave a comment.