Introduction
When a user within an organisation requests a change that may affect services, or their access rights, we will seek authorisation for this change.
Our support system allows us to have visibility over who can authorise changes, and where exceptions may be allowed. See below for more information.
Requesting a Change
Any user can request any change. However, we will seek authorisation from the main contact for the organisation if your request falls out of the 'standard' user support scope.
This may include, but not limited to:
- Requests for amendments to access permissions on files or a service
- Requests for the addition/deletion of other users
- Requests for public-facing changes, such as a website modification
- Requests for new services, amendments to existing services, or visibility of sensitive information - such as a Direct Debit mandate for the organisation, billing information or service contracts.
Who is the main contact?
When we create an agreement or service with an organisation, the company will elect a main contact. This is the person that we liaise with for meetings, service reviews, service amendments etc.
Typically, the main contact will, or should be, the most technical or privileged user within the organisation. These roles may include, but are not limited to, a Manager, Director, or IT Support personnel.
There may be more than one main contact for an organisation - or a group of 'VIPs' - these are users with federated access to services, such as:
- A Finance manager with only access to billing and invoicing information
- An IT Manager with no access to financial information, but can control technical services
Exceptions
A main contact may request that a certain individual in an organisation can request a specific type of change. Such as an Administrative member of staff being allowed to request changes to certain pages on the website.
Where these requests fall out of the exceptions scope, we will revert back to the main contact.
Where we cannot or should not contact a main contact for a request, such as a HR case against said contact, we will follow the below process:
- If the organisation has more than one main contact, we will contact the alternate contact.
- Failing the above, we will contact, or deal with, a registered Director*.
* Please note that we will only ever deal with a Director if they are listed as a registered Director on the Companies House website. If we cannot verify the position of a contact, we won't be able to proceed.
We may also be required by law, or by the request of relevant local authorities, to make unannounced changes to services or packages where the organisation has been found to breach legislation.
There may be other mitigating circumstances not outlined in this policy document where exceptions to this policy may be necessary.
