Access control and audit
Every purchase record is controlled, isolated and logged, so your procurement stays compliant and accountable.
Permissions
Section titled “Permissions”Purchase actions are deny-by-default behind module permissions, view, create, edit, cancel, approve, receipt and return. If you lack the permission for an action, you’re refused. Beyond the module permission, in-action rules apply too, for example, you can’t approve your own PO, and where a distinct approver is required, that’s enforced.
Your data stays yours
Section titled “Your data stays yours”Every purchase record, orders, goods receipts, material requests, returns and vendor invoices, is scoped to your organisation. A user in one organisation can never read or write another’s purchase records.
Audit trail
Section titled “Audit trail”PO state changes and approval decisions (approve/reject, with comment, actor and time) write append-only audit entries. These entries can’t be edited or deleted, and are visible only within your organisation, giving you a complete, tamper-evident record for compliance.