Skip to main content
CCH Software User Documentation

Task Permissions


Task Permissions are used by system administrators to control which users have access to which functions. The Fixed Asset Register Task Permissions are accessed as follows.

  • They are set up in File > Maintenance > Security > Task Permissions.
  • Set the Product to Accounts Production.
  • The Group represents a set of all the permissions required by Employees performing a particular role. For instance, in a new Central database, CCH includes groups for Accounts administrator, Tax operator etc, although users can create their own.
    • Groups are properly called Security Groups.
    • A Security Group such as Tax operator not only includes permissions relating to Personal Tax. It includes permissions for all products. In particular, the Tax operator Security Group includes some permissions for Central, as a tax operator would need some of these.
    • An Employee who performs multiple roles may be in more than one Security Group. If an Employee has both Accounts Operator permissions and Tax Operator permissions, they are allowed to perform the functions that are enabled in either Security Group.
    • Employees are allocated to Security Groups by opening the Employee and selecting the Security Groups tab.
  • Task Permissions are categorised by Group Description. (The Group Description is unconnected with the Security Group just mentioned.) For Product Accounts Production, the available Group Descriptions are Business Type, Client, Maintenance, Other and Portal. In the screenshot below, the user has selected the Group Description as Client and the list of available permissions is shown.

  • In the screenshot below, the user has scrolled down, making some Fixed Asset Register Task Permissions visible.

Task Permissions are identified by a Permission Description such as “#Client #Fixed Asset Register #Can Delete Assets”  as shown above. This name has 3 parts, separated by hash characters. The first part of the Permission Description repeats the Group Description. But apart from that, the format of the name is just to make it understandable to the user and has no meaning to the application. Within the Fixed Asset Register, the following permissions are available:

Permission Name


#Maintenance #Open Master Asset Class

You can open the Master Asset Classes screen to view or edit the Master Asset Classes. (Master Asset Classes cannot be edited if they belong to a published Masterpack.)

#Client #Fixed Asset Register #Can Open Fixed Asset Register

You can access the Fixed Asset Register. Without this permission, the Fixed Asset Register icon is disabled.

#Client #Fixed Asset Register #Can Create New Register

You can create a Fixed Asset Register on a client that has never previously had one. You do this by clicking the Fixed Asset Register icon in Accounts Production and selecting the initial defaults such as “Generate Asset Codes Automatically?”

#Client #Fixed Asset Register #Can Import From Excel

Enables the icon to Import from Excel.

#Client #Fixed Asset Register #Can Import From VAP

Enables the icon to Import from VAP. This permission should be enabled with caution (see Notes below).

#Client #Fixed Asset Register #Can Delete Asset Movements

Enables the Delete icon for an Asset Movement.

#Client #Fixed Asset Register #Can Delete Assets

Enables the Delete icon for an Asset. But you can only delete an asset if it contains no asset movements.

#Client #Fixed Asset Register #Can Delete Asset Classes

Enables the Delete key for an Asset Class. But you can only delete an asset class if it contains no assets.


  • All the Task Permissions are under the Client Group Description apart from the first one which is under Maintenance because it is accessed through the Maintenance menu.
  • Care should be taken enabling the permission to Import from VAP. Importing from VAP on a new Fixed Asset Register is safe enough. But if a user does it on a FAR client that contains data, then all the existing FAR data for that client is deleted (after the user is warned). So this setting allows a user to delete all the data on a FAR client.

Applying Task Permissions

On upgrading to version 2017.1, all the settings are switched on for all Groups, apart from Can Import from VAP. The system administrator may wish to switch some of them off, especially for the Groups that have nothing to do with preparing accounts.

On a newly installed database, all these permissions are switched off. So you need to enable the permissions for those employees that need them.

In both cases, if you are comfortable with Accounts operators deleting data, such as Asset Movements or Assets, and you are using the default CCH Security Groups, then you might set:

  • Accounts Operator has all Fixed Asset permissions apart from “Open Master Asset Class” and “Can Import From VAP”.
  • Accounts Administrator has all Fixed Asset permissions.
  • Tax Operator and CT Operator have only “Can Open Fixed Asset Register” if these users understand how the FAR works.


  • If you are not happy about Accounts Operators being able to delete data you might restrict these rights to the Accounts Administrator.



  • Was this article helpful?