Who sees what. Who does what. The right access, at the right time, to the right person.
Give everyone the right level of access: managers see only their team, your accountant accesses entries, your auditor reads without touching. 6 preconfigured roles, granular scopes, full audit trail. Included in every Illizeo plan.
The right defaults, fully customizable.
A role combines a user category with a data scope. Start with our presets and adapt in a few clicks.
Full access to payroll, cycle validation, rule configuration. The pivot role of the HR / Payroll department.
Manages payroll for one or more departments. Prepares cycles, processes variables, escalates exceptions to the Payroll Admin.
Sees their team, approves leave, expenses, hours. Read access to salaries within their scope based on configuration.
Access to accounting entries, payroll exports, journals. Read access to social charges and provisions without modifying HR records.
Self-service access to their own file: payslips, leave balances, absence requests, expense reports, contracts, documents.
Full read access to all data for compliance purposes. No modification possible. All accesses logged in the audit trail.
Granularity per module and per action.
Each Illizeo module exposes its own permissions (read, write, validate, delete). Combine actions per role to build exactly what you need.
| Module | Payroll Admin | Pay. Manager | Manager | Accountant | Employee | Auditor |
|---|---|---|---|---|---|---|
| Employee record | ✓ | ✓ | RO | — | RO | RO |
| Salaries & payslips | ✓ | ✓ | — | RO | RO | RO |
| Attendance & clock-ins | ✓ | ✓ | ✓ | — | ✓ | RO |
| Absences & leave | ✓ | ✓ | ✓ | — | ✓ | RO |
| Expense reports | ✓ | ✓ | ✓ | RO | ✓ | RO |
| Performance & reviews | ✓ | — | ✓ | — | ✓ | RO |
| Org & settings | ✓ | — | — | — | — | RO |
| Roles & permissions | ✓ | — | — | — | — | RO |
| Audit log & compliance | ✓ | RO | — | RO | — | RO |
3 levers to go further.
Beyond preconfigured roles, Illizeo offers scope separation, temporary roles and a full audit trail for GDPR compliance.
Granular scopes
5 visibility levels: global (all), company (per entity), department, team, personal. Combinable with any role. A manager sees their team, a payroll manager sees their department, an accountant sees the company.
Temporary roles
Your Payroll Admin on leave? Delegate the role to a backup for the defined duration. End of leave, the role auto-expires. Notification 7 days before expiration. No risk of forgetting.
Full audit trail
Every role assignment, modification or revocation is logged by name with timestamp and IP. Dedicated “role modification” workflow. History kept 5 years for GDPR audit, URSSAF or labor inspection.
Access security isn’t an option.
Permission-based roles, scope separation, temporary roles and audit trail are available in every Illizeo plan — Core HR, Core HR Extended and all add-on modules — with no extra fee or paywall. Because compliance and trust shouldn’t be sold separately.
Give everyone the right access. No Excel, no risk.
Start with the 6 preconfigured roles, adjust the scopes, and track everything in the audit log. No extra fee, in every Illizeo plan.
Contact Illizeo