User roles - Reports access with no payroll (including accounts)
We want to give access to reporting to one of our managers however we don't want them to be able to view all payroll information. Therefore I am looking for a function that can give access to all of Xero except anything to do with payroll so all nominal codes to do with wages would need to be invisible etc. Journals would another thing that needs to be hidden.

This is really useful to know, thanks Josh - Though we don't have immediate plans for change around this, we really appreciate you sharing the detail of how you'd see this permissions working best for you. We'll keep an eye across this one here, and let you know if there are any updates.
Susan Escott commented
As Lorraine has stated below - with Project Managers being responsible for their own budgets they need to have access to drill into their accounts and view spending, raise purchase orders and approve invoices BUT we do not want them being able to see another Project nor do we want them to see any Payroll related items. Surely there must be a way to provide tick boxes that allow you to choose a funding bucket and then untick certain codes in that bucket?
Josh Stedman commented
Hello. Yes the main thing is there is no ability to drill down to transactions however I wouldn't really want them to have access to the Balance Sheet anyway.
I'll give you the context which will help. Our operations manager wants access to financial data to help control Operations costs more effectively. So really all they need is to be able to view info of all P&L lines linked with operations and some overheads that the manager is responsible for tracking (access to all overheads except wages and also bank accounts would be fine).
Since then, we've had a technical manager ask to have access to two budgets he is responsible for so that he can view the costs and view the invoices.
So what would be ideal is a function to allow me to assign various nominal codes accordingly to each manager e.g. our technical manager is responsible for costs of tools. So I would assign him just the tools nominal code and this would enable him to view all info within this nominal code and the invoices with this nominal code.
When I was referring to reports, looking at it again, most of the reports wouldn't be useful for them and I wouldn't want them to see them anyway so again, if I could assign them just a particular report they can use, that would be helpful.If none of the above is possible, then I think the best would be to allow them all access minus any payroll info, any bank account info and journals.
Hopefully that helps!
Lorraine Adams commented
Xero - Isn't it pretty obvious? Anything would be better than access to pretty much EVERYTHING, as things have stood since Xero was invented.
Sorry to be rude, but you do understand accounting right? & GDPR yeah?
Let me help - Purchase ledger clerk needs access to supplier contacts, bill processing, supplier reports, aged creditor reports, bills reports, purchase day book reports, bill production, quotes, purchase orders, bank supplier payments, refunds, credit notes and .........
Purchase ledger clerk DOESN'T NEED and NOR SHOULD SHOULD HAVE ACCESS to staff pay & personal information, the director's dividends & tax information, the companies balance sheet, staff bonuses, HMRC arrears (or otherwise), investments, how much the company spent on the last client event, or the christmas party, or the computers, Joe's redundancy payment (oh, did I let the cat out of the bag or should I call it something else in Xero so no one knows, HMRC won't mind....) you really need me to go on?......
Perhaps some one else could be kind enough to waste some of their time explaining what the sales ledger clerk needs. or what the treasurer or in house accountant needs - which surprisingly is where the 'access all areas' should sit.
A waterfall access level approach with a tickbox list (just like staff access in MY XERO - (miss that - it was good and clear)....I've seen this before, oh yes, in SAGE. Works a treat. Easy. Clear. Transparent.
I have to give some staff access to EVERYTHING and freeze out others which not only causes causes offence, but also inconvenience to those that have to be disrupted in their own work to provide reports to other staff.
If the current reporting structure/platform can't be changed, why not build a suite of smaller reporting modules - task or job role specific??
It's stunning that this FLOOR exists in the first place, and beyond belief that in more than 10 years, and despite GDPR, and many many requests in the old & new voting system, NOTHING, EVER, has changed in this regard, or other items I've voted for.....