With the increase in sensitive data, it is crucial to manage who has access to information. Assigning different roles allows for flexible permissions, preventing exposure risks or unauthorized modifications. Now, with the new custom roles functionality in Dcycle, you can assign access easily and flexibly. Control who can view and edit what, without rigid structures and without the risk of errors.
Why role-based access control matters for ESG data
Sustainability data is inherently cross-functional. Finance teams handle energy bills, operations manages fleet and logistics data, HR provides employee commuting information, and procurement tracks supplier emissions. With so many stakeholders contributing to and accessing ESG data, controlling who can see and modify what is not just a security concern, it is an operational necessity.
Without proper access controls, organizations face several risks:
- Data integrity issues: If any user can modify emission calculations or input data, accidental changes can compromise the accuracy of reports submitted to regulators or auditors.
- Confidentiality breaches: Employee-related data (commuting patterns, headcount) and supplier contracts often contain sensitive information that should only be visible to authorized personnel.
- Audit trail gaps: When everyone has the same level of access, it becomes difficult to track who made specific changes, complicating the verification process during CSRD audits or ISO certifications.
- Compliance failures: Regulations like ISO 27001 and GDPR require organizations to implement the principle of least privilege, giving users only the access they need to perform their specific tasks.
Dcycle’s custom roles feature addresses all of these challenges by letting administrators define exactly what each team member can access.
The different roles
Dcycle offers a flexible role system that adapts to your organization’s structure:
Super Admin: Full access to the entire system. This role is responsible for managing permissions and assigning different user accesses. Additionally, the Super Admin can block access to specific data categories, such as employee data, ensuring that only the right users can view or edit certain information. Typically, this role is assigned to the sustainability lead or the IT administrator responsible for the platform.
Category Administrator: Allows the creation of custom roles with access to view and edit specific data categories. Now you can assign accesses tailored to your company’s structure. For example, you might create a role that gives the energy manager access to electricity and fuel data but not to employee or travel categories.
Custom roles: Beyond the predefined roles, administrators can create roles tailored to specific needs. A few practical examples:
- A finance viewer role that can see cost data associated with emissions but cannot modify input values.
- A site manager role that can input and edit data for a specific location but cannot access data from other sites.
- An auditor role with read-only access to all data and calculation methodologies, facilitating external reviews without risk of accidental modifications.
How to set up custom roles in your organization
Setting up roles in Dcycle follows a straightforward process:
-
Map your team structure: Identify which team members need access to Dcycle and what data categories they work with. Consider departments (finance, operations, procurement), locations (if you have multiple sites), and functions (data input, review, reporting).
-
Define access levels: For each role, determine whether users need view-only access, edit capabilities, or full administrative control. The principle of least privilege suggests starting with minimal access and expanding only as needed.
-
Create and assign roles: Use the Super Admin panel to create custom roles with the specific permissions you have defined. Assign these roles to individual users or groups.
-
Review periodically: As team members change roles or new data categories are added, review and update permissions to ensure they remain appropriate.
You can access the full configuration guide here, or watch the video tutorial here.
Benefits for multi-entity organizations
For companies managing sustainability data across multiple subsidiaries, locations, or business units, custom roles become especially valuable. Dcycle’s multi-entity management capabilities combined with role-based access allow organizations to:
- Give each subsidiary’s sustainability manager access only to their own entity’s data
- Provide the group sustainability director with a consolidated view across all entities
- Enable regional managers to review data for their geographic area without accessing other regions
- Allow external consultants or auditors temporary, scoped access for verification purposes
This level of granularity ensures that your carbon footprint data remains accurate, secure, and auditable at every level of the organization.
Now you have full control over accounts and the peace of mind that sensitive information is not exposed to unauthorized users. Request a demo to see how Dcycle’s role-based access control can work for your organization.
