What can Org Admins do?
Org Admins are currently the highest permission level in Progression. Please be very careful about who you assign to this role.
What Org Admins can do
Org admins can do the following:
- Create, delete and update teams (by adding frameworks and skills)
- Add, archive and update users
- Add, remove and update any users' manager, position, team and permissions (including turning other users into Org Admins and team owners)
- This means that a malicious org admin can remove permissions from other org admins and take control over an organisation.
- Bulk upload or update users via our CSV updater
- Add, delete and update all skills
- This includes deleting skills that are used across multiple teams, not just their own
- Make a team public
- Org admins are listed explicitly in our terms as representatives of the business. Practically what this means is that if an org admin chooses to make skills public, that constitutes the organisation allowing other teams to use their content.
- View billing and invoices, and update payment details
- Right now this doesn't include auto cancellation, but it likely will in the future. Bear that in mind when creating Org Admins.
What Org Admins cannot do
Org admins can not view check-ins for users. This means that it's not possible for a well-meaning org admin to accidentally view check-in content that they shouldn't.
However, because Org Admins can change reporting lines, they can assign themselves to be the manager of any given user to view their check-ins. That's why it's very important to assign this permission carefully.
Need to know about an action in your account?
While there are no customer-facing audit logs at present, we do keep internal logs of all actions, so if you're concerned about malicious behaviour within your organisation, please email firstname.lastname@example.org and we'll be able to investigate on your behalf.