Complete Guide to Planning User Roles, Permissions, and Edit Log Security in TallyPrime & TallyPrime Server Edition

As organizations grow, multiple employees begin accessing the same Tally company data for accounting, inventory management, GST filing, payroll, banking, reporting, and auditing. Without a well-defined user security structure, businesses face risks such as unauthorized voucher modification, accidental deletion, data leakage, and compliance issues.

Modern versions of **TallyPrime equipped with Edit Log and organizations using TallyPrime Server require proper planning before creating users. Instead of assigning permissions randomly, businesses should prepare a complete User Requirement Sheet that defines every employee's responsibilities, department, and system access.

Advertisement

This article explains how to collect user information, design security roles, assign permissions, and implement a scalable security policy in TallyPrime.


Why Proper User Planning is Important

Many organizations simply create users with generic permissions, which often results in:

  • Unauthorized voucher editing
  • Incorrect financial entries
  • Accidental deletion of masters
  • Weak password security
  • No accountability
  • Audit complications
  • Data inconsistency
  • Compliance risks
  • GST reporting errors
  • Inventory manipulation

A structured user planning process eliminates these problems.


Benefits of Role-Based Access Control (RBAC)

Role-Based Access Control allows users to receive permissions based on their job responsibilities instead of assigning rights individually.

Advantages include:

  • Faster user creation
  • Standardized permissions
  • Easier employee onboarding
  • Better audit compliance
  • Improved security
  • Reduced human error
  • Simplified administration
  • Easier troubleshooting
  • Consistent security policy
  • Better management reporting

Information to Collect Before Creating Users

Before opening TallyPrime Security Control, collect the following information from the customer.

Employee Details

  • Employee ID
  • Employee Name
  • Department
  • Designation
  • Branch
  • Email Address
  • Mobile Number
  • Joining Date
  • Reporting Manager
  • Employee Status

Login Details

Collect:

  • Tally Username
  • Initial Password
  • Password Change Required
  • Login Status
  • Active/Inactive
  • Expiry Date (if applicable)

Department Information

Examples include:

  • Accounts
  • Sales
  • Purchase
  • Inventory
  • Warehouse
  • HR
  • Payroll
  • Management
  • Administration
  • Audit
  • Finance

Role Planning

Instead of configuring every employee separately, create reusable roles.

Example roles:

  • Administrator
  • Accounts Head
  • Senior Accountant
  • Accountant
  • Cashier
  • Purchase Executive
  • Sales Executive
  • Store Manager
  • Store Operator
  • Payroll Executive
  • HR Executive
  • Internal Auditor
  • External Auditor
  • Management
  • Read Only User

Each role should define its own permission set.


User Rights Planning

Permissions should be documented before implementation.

Typical permissions include:

  • Company Creation
  • Company Alteration
  • Backup
  • Restore
  • Rewrite Company
  • Split Company
  • Create Voucher
  • Alter Voucher
  • Delete Voucher
  • Cancel Voucher
  • Create Ledger
  • Alter Ledger
  • Delete Ledger
  • Create Stock Item
  • Alter Stock Item
  • Banking
  • Payroll
  • Cost Centres
  • Budget
  • GST Reports
  • Inventory Reports
  • Outstanding Reports
  • Printing
  • Export
  • Import
  • Email Reports
  • Security Control

Voucher-Level Security

Each voucher type should have separate permissions.

Examples:

  • Sales
  • Purchase
  • Payment
  • Receipt
  • Contra
  • Journal
  • Credit Note
  • Debit Note
  • Stock Journal
  • Delivery Note
  • Receipt Note
  • Physical Stock
  • Rejections In
  • Rejections Out

For every voucher define:

  • Create
  • Alter
  • Delete
  • Cancel
  • Print

Edit Log Planning

Edit Log records every important activity performed by users.

Permissions may include:

  • View Edit Log
  • Print Edit Log
  • Export Edit Log
  • View Deleted Entries
  • View Cancelled Vouchers
  • View Modified Entries
  • View Original Values
  • Allow Backdated Changes
  • Approve Changes
  • Reverse Changes

Edit Log significantly improves accountability and traceability.


TallyPrime Server Edition Security

For organizations using TallyPrime Server Edition, additional planning is recommended.

Typical server permissions include:

  • Company Access
  • Session Monitoring
  • User Monitoring
  • Lock Company
  • Unlock Company
  • Backup
  • Restore
  • User Administration
  • Data Monitoring
  • Performance Monitoring
  • Company Maintenance

Password Policy

A secure password policy should include:

  • Minimum 8–12 characters
  • Uppercase letters
  • Lowercase letters
  • Numbers
  • Special characters
  • Password expiry
  • First login password change
  • No password sharing
  • No default passwords

Suggested Excel Workbook Structure

An ideal implementation workbook should contain:

  1. User Master
  2. Department Master
  3. Role Master
  4. User Rights
  5. Voucher Rights
  6. Edit Log Permissions
  7. Server Rights
  8. Password Details
  9. Approval Matrix
  10. Remarks

This workbook becomes the reference document for future audits and user management.


Best Practices

  • Never share Administrator credentials.
  • Assign only the permissions required for the user's role.
  • Avoid giving delete rights unless absolutely necessary.
  • Restrict access to sensitive financial reports.
  • Review user permissions periodically.
  • Disable accounts of employees who leave the organization.
  • Maintain password confidentiality.
  • Keep regular backups before changing security settings.
  • Enable Edit Log wherever applicable.
  • Document all role changes for future reference.

Common Mistakes

Avoid these common errors:

  • Giving Administrator rights to everyone
  • Shared login credentials
  • Weak passwords
  • No password policy
  • No documentation
  • Unrestricted voucher deletion
  • No approval workflow
  • Ignoring Edit Log
  • No periodic security review
  • Poor role planning

Conclusion

Proper security planning in TallyPrime is much more than creating usernames and passwords. A structured implementation using departments, predefined roles, user rights, voucher permissions, Edit Log controls, and TallyPrime Server security creates a secure, scalable, and audit-friendly accounting environment.

Preparing a comprehensive Excel requirement sheet before implementation reduces deployment time, minimizes configuration errors, and ensures that every employee receives only the permissions necessary to perform their job efficiently. This approach also simplifies future audits, user onboarding, and security management while helping organizations maintain better control over their accounting data.

 

#TallyPrime #TallyPrimeServer #TallyERP #TallySecurity #EditLog #AuditTrail #Accounting #Bookkeeping #GST #Inventory #Finance #AccountingSoftware #BusinessAutomation #ERP #RoleBasedAccess #RBAC #CyberSecurity #DataSecurity #UserManagement #FinancialControl #Audit #InternalAudit #Compliance #ServerEdition #TallySupport #TallyConsultant #TallyPartner #Accounts #Payroll #Banking #VoucherEntry #InventoryManagement #BusinessManagement #SmallBusiness #Enterprise #PasswordPolicy #AccessControl #ITAdministration #AccountingTips #ERPSoftware #BusinessSecurity #SoftwareImplementation #AccountingSystem #FinancialManagement #DigitalAccounting #DataProtection #BusinessTechnology #SystemAdministration #AuditCompliance #BisonInfosolutions


TallyPrime TallyPrime Server Tally Edit Log Tally Security User Rights User Roles Role Based Access RBAC Tally User Creation Tally Login Password Policy Security Control Voucher Rights Ledger Permissions Inventory Rights GST User Rights Pa
Advertisement