Skip to content

Access, cost masking and audit

Inventory actions are permission-controlled, cost figures can be hidden from roles that shouldn’t see them, and every sensitive action is logged immutably.

Access is deny-by-default, and viewing, operating and approving are separate permissions:

  • View: read stock views and reports.
  • Operate: post transfers and adjustments. A viewer can read the stock views but cannot post any movement.
  • Approve: approve reconciliations and high-value adjustments. This is typically held by Managers or Accounts.

Valuation and cost columns can be masked for roles that lack the valuation-view permission. A store user, for example, can work with quantities while cost and stock value stay hidden.

All stock data, balances, movements, transfers and reconciliations, is scoped to your organisation. No other tenant can ever read or write your stock. Serial numbers and warehouse names can safely coincide with another organisation’s without any clash.

Every sensitive stock action writes an append-only audit entry, it can never be edited or deleted. Audited actions include:

  • adjustments
  • transfers
  • reconciliation postings
  • approvals and rejections
  • serial assignments.

Each entry records the user, the action, the item and warehouse, the before/after quantity and value, the timestamp, and the source document. You can query the audit by item, warehouse, user and date to investigate any discrepancy.