Alma Account Guidelines

Historically, we have needed to provide access to user records to all staff since it was not possible to restrict tightly and since staff in most areas of the library utilized pseudo patrons.  We have also provided full access to many acquisition areas due to the inability to provide read only access.  Both of these practices have been challenged by campus auditors.  In a few cases we were able to address the issues with reports and in others the auditors accepted the issue acknowledging the limitations of the software.  The introduction of Alma provides ways to resolve many of these issues in a more systematic way.  The guidelines below will allow us to resolve many of these issues as well as maintain a more secure computing environment for both staff and students.

Beyond the guidelines below, we recommend an annual access audit.  This will help us reduce the number of accounts in use (we have 250 licensed) and give us the ability to quickly respond to audit requests. Although LTDS staff will generally add roles to staff accounts, what access they should receive should be determined by their unit head since LTDS staff do not necessarily know what the actual duties of the staff member are.  LTDS may provide suggestions and recommendations.

Staff Accounts

The general guideline is to limit access to only what is needed to perform tasks related to their position.  In cases where a person is temporarily takes on additional duties, the additional access can be set to expire automatically on a specific date.

Acquisitions:

  • Staff normally are not given access to user records.
  • Staff typically will be given access to most acquisitions information at the institution level
    • Staff that can pay invoices should not be able to create or delete invoices
  • Staff do have access to funds, usually this access should be read only. Requests for staff to have the roles of Fund Manager or Ledger Manager have to be requested by Nancy Godleski.

Metadata specialist:

  • Staff normally are not given access to user records
  • Should have access to all bibliographic records
    • Actions the staff member can do with the records will vary greatly.

Selectors/Subject librarians:

  • Should have read only access to funds
    • Library Directors, or designated collection development coordinators, will have full access to funds within their “ledger” or “summary.”  (This access will be postponed in order for the new fund structure to be set up in Alma and all are trained in fund management procedures.) NOTE: On 9/19/2018 the Fund Manager and Ledger Manager roles were deleted from accounts for staff who were not directly dealing with funds according to Nancy Godleski.
    • Selectors should have the role of Fund/Ledger Viewer (scoped to the institution) in order to have view only access to funds and ledgers.
  • Have selector rights (add purchase requests)

Circulation:

  • Staff should have access to [all functions for] their service desk(s)
    • Ability to add/delete users and pay fines will vary between libraries.
  • Students generally should only have limited circulation access, although at least one person per shift should have access to create user records. This will need to be adjusted as needed for each library.

End-users:

  • Should have full patron access EXCEPT in cases where they only have access to a specific library. In those cases, their patron roll should be scoped to the specific library
  • Most accounts should be external and the user record should not be edited
  • Internal accounts may be created but specific settings should be guided by the Access Services Committee

Other:

  • Other staff and patrons may need various levels of accounts. These will be treated on a case by case basis but documented.

Students workers:

  • Students will be given rights as defined by their supervisors
  • Accounts will expire 1 month after the semester ends automatically unless they will be continuing. The month buffer is given to allow staff to inform LTDS and give LTDS time to make the adjustments.

Example/suggested Roles:  these suggestions are based on experience during the testing period. In most cases these are a little broader than recommended by Ex Libris.  This increased security is needed since staff generally cross-over roles and need more access.

  • Acquisitions (Scoped to Vanderbilt University level)
    • Acquisitions Manager
    • Catalog Manager
    • Electronic Inventory Operator
    • Electronic Inventory Operator Extended
    • Fund Manager (restricted – see note under “Acquisitions” above)
    • Fund-Ledger Viewer
    • Invoice Manager (see note about combining Invoice and Vendor operator roles)
    • Invoice Operator
    • Invoice Operator Extended
    • License Manager
    • Physical Inventory Operator
    • Physical Inventory Operator Extended
    • Receiving Operator
    • Receiving Operator Extended
    • Vendor Manager (see note about combining Invoice and Vendor operator roles)
    • Work Order Operator
  • Cataloger (scoped at Vanderbilt University level)
    • Cataloger Manager (optional)
    • Cataloger
    • Cataloger extended
    • Electronic Inventory Operator
    • Physical Inventory Operator
    • Work Order Operator
  • Circulation/Fulfillment: (scoped to library/service desk)
    • Resource Sharing Partners Manager
    • Circulation Desk Operator
    • Fulfillment Services Manager (should be limited to managers)
    • Requests Operator
    • Physical Inventory Operator
    • Fulfillment Services Operator
    • Work Order Operator
    • Students just needing to circulate materials should only have Circulation Operator — Limited
  • E-resources (Scoped to Vanderbilt University level)
    • License manager
    • Purchasing Operator (read only)
    • Electronic Inventory Manager (optional)
    • Electronic Inventory Operator
    • Electronic Inventor Operated extended
    • Physical Inventory Operator (at least initially for cleanup)
    • Physical Inventory Operator extended (at least initially for cleanup)
    • Usage data operator (may want to just go with manager here)
  • General roles:
    • Design Analytics
    • Fund/Ledger Viewer
    • Trial participant
    • License viewer (could be helpful to ILL and others once it is populated)
  • Roles that should NOT be combined:
    • Invoice Manager and Vendor Manager

 

The roles below must be restricted due to the access it provides to the system or the ability to make changes that could result in major issues throughout the system.

  • General Services Administrator
  • Fulfillment Administrator
  • User Administrator (note this is for staff users. This access allows the user to change (grant/remove) roles from anyone. This also allows removing/editing user load integrations)
  • User Manager (note this is for staff users. This access allows the user to change (grant/remove) roles from anyone)
  • Resource Sharing Administrator
  • Acquisitions Administrator
  • Repository Administrator
  • Catalog Administrator
  • Letter administrator (possibly of use to the chair of the Access services group)
  • Fund Manager and Ledger Manager