Required Roles: Any
Required Permissions: Workspace Manager
Introduction
User Groups allow Workspace Managers to efficiently manage permissions across cabinets, activities, sites, vendors, projects, and submissions. Instead of assigning access to users individually, groups streamline access control and ensure consistent permission management across modules.
This article explains how to:
Create a new user group
Define group-level permissions
Assign groups to cabinets, activities, projects, CTIS, Submissions, and eCTDs
Overview
User Groups control access across the following modules:
Clinical
eTMF cabinets
Sites
CTIS Builder
Trial Management (Projects)
Regulatory
Regulatory cabinets
Regulatory Activities
Submission Builder
eCTD Viewer
Regulatory Projects
Quality
Quality cabinets
Quality Activities
Vendors
Quality Projects
Corporate
Corporate cabinets
Projects
Groups can also be granted access to the Training module and Reports.
Creating a New User Group
Step 1 – Create the Group
Navigate to User Management in the settings icon on the lower left of your screen. Only workspace managers will be able to access this portion of Kivo.
Select the Groups tab
Select Create Group.
Step 2 – Define Group Name
Enter a Group Name, and click Create.
Step 3 - Define module-level permissions for:
Regulatory
Clinical
Quality
Corporate
Training Module
Reports
Note: Setting module access does not automatically grant access to the actual documents, activities, submissions, etc within those modules. This simply allows them to view and access the module.
Step 4 – Add Users to the Group
Click Edit beside the group and check the appropriate users to add them to the group and apply the defined permissions.
Group Cabinet Access and Permissions
Once the group is created and granted access to the appropriate modules, they will be eligible to be added to cabinets within those modules.
Adding Groups to Cabinets
To assign a group to specific cabinets:
Navigate to the relevant module (Regulatory, Clinical, Quality, or Corporate).
Enter Manager Mode.
Select the ellipsis icon for the specific cabinet.
Select Edit.
Under Permissions for the cabinet, select Groups.
Select the new group and choose Add Group.
Define Cabinet-Specific Permissions
For each added group, configure:
Cabinet-Specific Permission
Read or Edit
Download Permission
Download all versions
Download approved PDF renditions only
No downloads
View Draft Versions
Disabling this will allow these users to only see current approved version.
Upload into Placeholder
Allows Edit Permission users to upload into placeholders
Can View Unblinded Data
Allows users to view unblinded documents and Editors to mark documents as unblinded
Note: A user’s effective permissions are derived from both their role and their cabinet-level permissions. For instance, a user assigned the Viewer role will remain unable to edit documents, even if Editor permissions are applied at the cabinet level.
Assigning Groups to Activities
The following sub modules are considered Activities in Kivo:
Regulatory Activities
Trial Activities
Quality Activities
Vendors
To enable access to these activities, navigate to the appropriate activity page and perform the following steps.
Steps:
Enter Manager Mode.
Select Access in the top-right corner.
Under Groups, select Add Group.
Select the new group.
Define subtype(s) if applicable.
Access can be given on an individual activity type basis, or to all activity types.
Define whether group users should be Editors.
Select Add Groups.
The group is now assigned as configured.
Assigning Groups to Projects
Navigate to:
• Regulatory > Regulatory Projects
• Clinical > Trial Management
• Quality > Quality Projects
• Corporate > Projects
Steps:
Enter Manager Mode.
Select the user icon for the relevant Category, Type, or Project.
Under Groups, select Add Group.
Select the new group.
Define whether users should be Editors.
Select Add Groups.
Project Permission Hierarchy
Group access can be set at:
Category level
Type level
Project level
Permission inheritance works as follows:
Adding a group at the Category level grants access to all corresponding Types and Projects.
Adding a group at the Type level grants access to all corresponding Projects.
Assigning Groups to CTIS, Submissions, and eCTDs
Navigate to:
Clinical
CTIS Builder > Category > Product
Regulatory
Submission Builder > Category > Product > Application > Submission
eCTD Viewer > Category > Product > Application
Steps:
Enter Manager Mode.
Select the user icon for the relevant Category, Product, Application, or Submission.
Under Groups, select Add Group.
Select the new group.
Define whether users should be Editors.
Select Add Groups.
Access Inheritance Rules
CTIS Builder
Access can be set at Category or Product level.
Adding a group at Category grants access to all corresponding Products.
Submission Builder
Access can be set at Category, Product, Application, or Submission level.
Inheritance rules:
Category → All Products, Applications, and Submissions
Product → All Applications and Submissions
Application → All Submissions
eCTD Viewer
Access can be set at Category, Product, or Application level.
Inheritance rules:
Category → All Products and Applications
Product → All Applications
Notes and Best Practices
• Use groups to simplify permission management across modules.
• Assign permissions at the highest logical level to reduce maintenance.
• Review inheritance rules carefully before assigning access.
• Update group membership instead of editing permissions individually.