Why does the User Responsibility Report show the user on a module access list when they are blocked from that module?

The user responsibility report identifies if the user is on the associated access list; not whether or not they have authorization to the module. Each access list can be configured as "Allow" or "Deny". Thus, the results of the User Responsibility report are dependent on how each specific module access list is configured.

For example: 

• Module Access List is configured as "Allow"

  • All users on the module access list are allowed (authorized) access to the module.

  • If a user is not authorized to access the module, then the User Responsibility Report would not display anything in the column for these modules, because the user is not added to the "Allow" list. 

• Module Access List is configured as "Deny"

  • All users on the access list are denied access (not authorized) to the module.

  • If a user is not authorized to access the module, then the User Responsibility Report would display the module access list as a responsibility for this user, because they are included in the "Deny" list. 

As a reminder, if a user is restricted from accessing information by an access list, that user may still be granted temporary authorization:

• An open task assignment temporarily authorizes a restricted user to access information about the item associated with that assignment.  

  • For example, an external supplier might normally be restricted from viewing information but would be temporarily granted authorization by a review task.

• A module-specific role may temporarily authorize a restricted user to access information.  

  • For example, in the Design Control module a restricted user assigned as the Project Manager for a project is authorized to view information about that project. Also, a Document Collection owner or viewer role would authorize a user to view the associated document, even if they are restricted access to the module.