Skip to main content

Access Role Management (ARM): Extend manager access with People groups (Admin)

Add and manage extra people groups in manager-type (advanced) access roles to extend access beyond the reporting hierarchy.

Updated today

Who it’s for: Administrators (see access roles note)

Platform: Sense HR

Available on: Professional, Elite, and Enterprise plans

Before you begin

Make sure you’ve:

☑️ Logged in to the Sense HR web app

☑️ Been assigned administrator permissions

☑️ Opened the manager-type access role you want to update under Settings > Access roles

☑️ Understood which people the role should be able to access outside its default reporting group

🖊️ Access roles note:

Access to Settings > Access roles is usually limited to Administrators, but it can also be given to other roles if needed. This should only be done where absolutely necessary, as access role settings affect visibility and permissions across the whole system.

Overview

Manager-type (advanced) access roles can be given access to people beyond their default reporting hierarchy by adding extra People groups.

This is useful when a role needs access to additional employees for reasons such as:

  • cross-department oversight

  • regional support

  • project-based access

  • specialist HR or operational responsibilities

Each People group can have its own profile permissions, so the role can have different access levels for different groups of people.

This article explains how to:

  • add another People group

  • choose who the group includes

  • exclude specific people or groups

  • review filtered results

  • manage permissions for the new group

  • avoid overlapping groups that can create conflicting permissions

Navigation path

HR Dashboard > Settings > Access roles > [Select manager-type (advanced) role] > Permissions > People

Understand the People tab

The People tab shows the groups of people this access role can access.

This may include:

  • Their Team

  • Their team including indirect reportee

  • other existing custom groups added to the role

Clicking a group opens the profile permissions for that group.

Inside each group, you can manage the same types of screen access permissions used in Own profile, including:

  • View

  • Update

  • Add

  • Delete

  • Field permissions

  • Preview screen

People tab showing existing groups in a manager-type access role.

When to add another group

Use Add another group when the role needs access to people outside its default reporting group.

For example, you might use this when a manager-type role needs access to:

  • another department

  • a different location

  • a selected set of named employees

  • a wider operational area than their reporting line normally allows

Each group can have its own permissions, so one group could have limited access while another has broader access.

Steps to Add another group

  1. Open the manager-type access role.

  2. Click Permissions.

  3. Open the People tab.

  4. Click Add another group.

    Add another People group form showing group name and full document access option.

  5. Enter a Group name.

  6. Choose whether to enable Enable full document access.
    This grants the role full admin-level access to the documents of employees in the group.

  7. Click Next.

  8. In the next step, search and select who the group should include.

    People group setup showing include filters, exclusions, and view filtered results.

  9. Optionally use Exclude people to remove specific people or smaller groups.

  10. Click View filtered results to review who is included.

  11. Click Save.

✅ The new group is added to the People tab.

Choose a clear group name

Give each group a clear, descriptive name so future admins can understand what access it provides.

Good names usually describe the people scope, such as:

  • Doncaster Sales

  • Regional Support Team

  • Project Managers

  • Head Office Excluding Directors

💡 Tip:

Name the group based on the people it includes, not the access role itself. This makes the role easier to understand and maintain later.

Understand Enable full document access

When Enable full document access is turned on for a People group, users with that access role get administrator-level access to documents for the people in that group.

This affects document access for that People group only.

🖊️ Note:

Use this carefully. It gives broader document access than standard screen-level permissions for that group.

Search and add people to the group

In the second step, use Search people to define who should be included in the group.

You can search using things such as:

  • specific named people

  • job title

  • department

  • location

  • contract type

  • hierarchy position

  • smart filters such as team-based options where available

You can select multiple filters to build the group.

Understand how filters work

The way filters combine depends on whether they come from the same category or different categories.

Filters from different categories

Filters from different categories work as an AND rule.

For example:

  • Head Office + Sales

This returns people who are in Head Office and in Sales.

Filters from the same category

Filters from the same category work as an OR rule.

For example:

  • Head Office + Sales + Marketing

This returns people who are in Head Office and in Sales or Marketing.

It would not include Sales or Marketing employees in other locations.

Use Exclude people

Use Exclude people when you want to include a large group, but remove selected people or sub-groups from it.

For example, you might:

  • include a whole location

  • include a whole department

  • include the full company
    ... then exclude senior leaders or specific named employees

This is useful when most of a group should be included, but a small number of people should be excluded.

Use View filtered results

Before saving the group, click View filtered results to check who is currently included.

This is the safest way to confirm that the group contains the right people before you apply it to the role.

🖊️ Note:

For smart filters, the result depends on the person later assigned to the role. In those cases, the system may show the smart-filter name rather than a fixed list of people.

Manage permissions for the new group

Once the group is saved, it appears in the People tab alongside the other groups in that role.

People tab showing a newly added custom People group.

Click the group name to open its permissions.

You can then manage that group’s:

  • View

  • Update

  • Add

  • Delete

  • Field permissions

  • Preview screen

These work in the same way as other profile permissions in access roles.

🖊️ Related guidance:

See Manage profile and people permissions in access roles for full guidance on screen-level and field-level permissions.

Edit an existing group

You can update an added People group at any time.

From the More actions (…) menu next to a group, you can:

  • rename the group

  • edit the people included in the group

  • delete the group

Use this when the group’s scope needs to change over time.

Avoid overlapping groups

Take particular care when adding multiple People groups to the same role.

If the same person is included in more than one group in that access role once its assigned, it can create conflicting permissions.

⚠️ Caution:

Plan People groups carefully so that one person does not fall into multiple groups within the same access role once it is assigned.

Best practice

  • Add extra groups only when the default reporting access is not enough.

  • Use clear group names.

  • Check View filtered results before saving.

  • Use Exclude people to refine broad groups rather than creating many near-duplicate groups.

  • Be especially careful with Enable full document access.

  • Avoid overlapping groups inside the same access role.

  • It can be helpful to keep a test profile available so you can safely check what the role can actually see and do before assigning it to real users.

FAQs

Click here to view answers to frequently asked questions


Q: Why would I add another People group to a manager-type role?

A: The reason you would add another People group to a manager-type role is to give that role access to people outside its default reporting hierarchy.

Q: Why can a manager-type role see the wrong people?

A: The reason a manager-type role can see the wrong people is usually that the group filters, exclusions, or people scope in the access role need updating.

🖊️ Note: Take particular care when adding multiple People groups to the same role. If the same person is included in more than one group, it can create conflicting permissions.

Q: Why should I use View filtered results before saving?

A: The reason you should use View filtered results before saving is to confirm that the group includes the right people before it is applied to the role.

Q: What does Enable full document access do?

A: The reason you might use Enable full document access is to give that role administrator-level document access for the people in that group.

Related Articles
Assign an access role to a user (Admin)
Reports: Generate a report for tracking and auditing Access role or Permission groups (Admin)
Access roles management (ARM): Create and edit access roles (Admin)
Access Role Management (ARM): Manage profile and people permissions in access roles (Admin)
Access Role Management (ARM): Manage feature permissions and custom actions for standard and advanced access roles (Admin)
Did this answer your question?