Skip to main content

Authorize and Restrict Access to Financial Information

  • Updated

This guide shows you how to ensure the privacy and security of your financial information. You will learn how to give someone access to this data (for example to a financial secretary, accountant, or treasurer); and how to ensure that access is not granted to unauthorized team members. 

ChMeetings manages your financial data within the Contributions and Accounting modules. To manage access to these modules, you need to ensure that the person in question is assigned to a user role that has the appropriate permissions enabled. You can do this by creating dedicated roles for people with access; or by editing an existing role and assigning appropriate permissions. 

Learn more about Managing Users, Roles, and Permissions

Create a Dedicated Role.

Below are the steps to take to create a dedicated role for a treasurer, accountant, or anyone who needs to have access to financial information (exclusively or not).

You can use these guidelines to create multiple different roles, each with their own permissions.

Here is how to create a role that is dedicated to users with access to financial information:

  1. Go to Users and Roles > Roles and Permissions
  2. Click Add Role.

  1. Give the new role a name, This can be, for example, “Treasurer”.
  2. Next, enable all the permissions you want the Treasurer / Accountant to have and disable what you don’t want to allow. If you want to provide exclusive access to financial information and nothing else, you can choose the relevant permissions and leave all others disabled. Essentially, people who manage your finances will only have access to the areas you enable. In the following sections, we recommend that you enable a series of modules, to ensure that authorized people have access to everything they might need to conduct their work:
    1. People: A treasurer needs to be able to at least view People profiles. You can enable access to all profile fields, or toggle on Enable Profile Field Security to set granular permissions per field.



    2. Events: This module requires access to at least the View and Ticket Payments permissions, so that the treasurer can access information related to event payment information. 
    3. Contributions: This section includes permissions to view, add, edit, or delete contributions, to access envelopes and statements, as well as online giving tranzactions and settings. For example, if you are creating a Treasurer or Accountant role, then you can enable access to a majority or to all permissions. If; however, you just want to allow someone to collect contributions with no access to other data, then only enable View, Add, and Edit.  
    4. Organizations: This allows users assigned to the role to view, add, edit or delete organization contributors. Without these permissions, the person cannot work with this type of contributor. Therefore you must enable at least View, Add, and Edit, even for people who collect contributions without advanced access.
    5. Pledges: To allow specific people to manage pledges, they must have access to this permissions section, which includes options to view, add, edit, or delete pledges. You might grant this to a Treasure, Accountant, or anyone who manages your finances more thoroughly.
    6. Contacts: This permissions section allows users to view, add, edit, or delete contacts, who are external contributors to your church.You must enable at least View, Add, and Edit for this module, even for people who collect contributions without needing advanced access. If Contacts permissions are not granted, then they will not be able to collect from this type of contributor. 
    7. Accounting: Here is where you can set granular permissions for different functions within the Accounting module, depending on what you want the users in the role to be able to access. The accounting module includes permissions to:
      1. View - Can only view the data without being able to make any changes.
      2. Manage lets users manage accounting for your church, including accessing accounts, adding transactions, depositing batches, etc. 
      3. Reports: This permission grants access to Accounting Reports.
      4. Print Checks: This permission is specific to the Print Checks feature, which will not be available unless this permission is turned on. 

People who only collect contributions don’t need Accounting access, but a bookkeeper who adds your bank transactions, for example, does need it. 

  1. Reconciliation: This permission is also specific - to the Reconciliation feature, which only becomes available once this permission is activated.

  1. Save the new role.
  2. Next, go to Users and Roles > Users.
  3. Find the user whom you want to assign to the new role, and select Roles in their corresponding options menu. If you are doing this for multiple users and roles, repeat the step for each user and ensure you select the appropriate role for every user.
  4. In the user’s role settings, either edit their current ministry role or assign them to a different one. Select the role you just created - in this example, the role of Treasurer.
  5. Once completing this assignment, the selected users will have access to the permissions you granted, and none of those you disabled. 

Restrict Access to Contributions

To restrict access to financial data, we recommend that you remove the role assignment from the users in question. 

  1. Go to Users and Roles > Users.
  2. Find the user for whom you want to restrict access, and select Roles in their corresponding options menu. 
  3. In the Roles window, identify the role, click Delete, and confirm your choice. Note that if the person is only assigned to one role, then their user account will also be deleted, with no effect on their personal profile. You can therefore add them again as a user in the future and you will not lose their information by deleting their user account along with the role assignment. If you want that person to still have access to specific administrative features, then please assign them to the appropriate role before deleting their assignment to a finance-related role. This way they will have an active role assignment and their account will not be removed. 

We recommend that you also read our guide on Managing Users, Roles, and Permissions which provides detailed guidance about this area of ChMeetings. 

Related articles