Allowing users with restricted access to edit any invoice, even after it has been submitted, emailed and paid, is a huge risk to security. I
Allowing users with restricted access to edit any invoice, even after it has been submitted, emailed and paid, is a huge risk to security. It would be much safer to create a new invoice and credit the old one, at least this leaves a legitimate trail of evidence. I find it hard to believe that any other companies find this secure enough... Can you please escalate this matter and attempt to have this loophole repaired? I really think that I am not the only client who is concerned about this issue.
This is a very big issue for the security for any company where someone with limited access can amend and change old invoices.
What is the purpose then to give someone limited access, if they could just change an invoice without permission after the fact?
Please escalate this concern
Rudi Brits
shared this idea
Thanks for submitting your idea on Xero Product Ideas. We appreciate you taking time to let us know how we could improve Xero for you.
Your feedback will soon be reviewed by our Community team, and in the meantime this can begin to build support with votes from other community members.
If you're interested to see recent releases or get a pulse on what's coming soon see The Long and Short of it. 🙂