Many enterprise customers have security policies require different administrative roles to support segregation of duties. Today, when we encounter these, we need to build them from scratch and manage them at the model level.
I propose that in addition to 'Workspace Administrator'', we also have 'Security Admin' and 'Data Admin' designations.
Security Admin would have admin access to 'Users' in order to support user maintenance and the assignment of users to model roles. If an additional capacity of tagging models as 'security models' could be created then this role would also have the ability to view any security logic deployed.
Data Admin would have the combined ability to execute Processes and Actions and to view all data in a workspace. They would not have access to security components nor would they be able to change models or Actions.
The content in this article has not been evaluated for all Anaplan implementations and may not be recommended for your specific situation.
Please consult your internal administrators prior to applying any of the ideas or steps in this article.