An important aspect of managing users is defining what users will see in Wave (visibility) and what that user can do in Wave (roles). This is done using groups. Please note that your company's group settings may vary from the examples here, but at a minimum, a user will be part of one visibility group and one user group.
The following is a general overview of visibility and permission groups available in Wave and how to set a user's visibility and permissions. Please note that the role definitions may be different for your instance of Wave.
If someone is a member of a visibility group, that user will be able to view data associated with that visibility group.
Generally, visibility will be based on workstreams or a combination of attributes, such as business units, geography, or a flag. Visibility settings will define which cards, data, and dashboards a user can see. For example, a user from the IT department will be assigned visibility to information technology initiatives, but probably will not be able to see initiatives in the sales workstream.
Because many workstreams and initiatives are managed in Wave, assigning specific visibility is meant to simplify users' views and help them focus on what is relevant to their work.
Role groups are designed to provide users with permissions to edit, approve, override, or be assigned to initiatives. Roles can also be used to block or allow automatic email communications.
Similar to visibility groups, assignment to a role group is generally based on workstreams, as well as the user's role in the organization. For example, someone on the finance team might have the ability to overwrite edits in order to expedite approvals, while an initiative owner will only be able to update their own initiatives and milestones.
Role categories are usually designated as follows, but you should confirm with your Wave administrator how they are defined for your instance of Wave:
Full editor = Update all cards that user can view (including those owned by others)
Override editor = Temporary permission to have super user rights and modify fields that are otherwise locked, e.g. planned impact values in implementation`
Editor = Create and update own cards
Approver = Approve cards in their respective approver group(s) and view approver dashboard
Guest = Read-only access with no editing rights
Wave team = View all dashboards
Editor: shared document = View and edit only the shared document tab
TO lead = View all TO dashboards
Managing Group Membership
Users' group membership(s) can easily be viewed in the User Management Console by scrolling to the right. Group prefixes - viz and role - are used to indicate whether a group is for visibility or role, respectively.
Group membership - general purpose
This is a list of all the groups to which a user belongs.
Refer to this column to see at a glance the number of groups to which a user belongs. Click on the + sign to expand the field and you will see a breakdown of all groups, with green boxes indicating the groups of which a member is a user.
Do you need to assign users to a group or edit a user's group membership? This can be be done by exporting and updating the user template.