Roles
ChangeBreeze implements distinct roles, each with specific permissions designed around ITIL change management principles:
Change Creator
Purpose: Users who initiate and create change requests
Permissions:
- ✅ View changes
- ✅ Create new changes
- ✅ Edit own changes (before approval)
- ❌ Cannot approve changes (separation of duties)
- ❌ Cannot manage users or templates
Best For:
- Technical staff
- System administrators
- Project managers
- Anyone who needs to submit change requests
ITIL Principle: Ensures changes are properly documented by those closest to the technical work while maintaining separation between creators and approvers.
Technical Approver
Purpose: Provides technical review and approval for changes
Permissions:
- ✅ View changes
- ✅ Approve technical aspects of changes
- ✅ Review technical implementation plans
- ✅ Create new changes
- ❌ Cannot provide operational approval
- ❌ Cannot manage users
Best For:
- Senior technical staff
- Solution architects
- Technical subject matter experts
ITIL Principle: Technical approval ensures changes are technically sound, feasible, and properly planned before implementation.
Operational Approver
Purpose: Provides operational/business impact approval
Permissions:
- ✅ View changes
- ✅ Approve operational aspects of changes
- ✅ Assess business impact
- ✅ Create new changes
- ❌ Cannot manage users
Best For:
- Operations managers
- Service delivery managers
- Business stakeholders
- Compliance officers
ITIL Principle: Operational approval ensures changes align with business needs, timing requirements, and service level agreements.
Company Admin
Purpose: Organisational user accounts with Company Admin permissions have full administrative control within their company. In multitenant environments, these users also inherit full administrative rights across all sub-companies, with permissions cascading automatically from the parent organisation.
For customer users within a sub-company who have Company Admin permissions, their access is limited to the administrative settings of that specific sub-company only.
Permissions:
- ✅ View changes
- ✅ Create changes
- ✅ Edit own changes
- ✅ Approve technical changes
- ✅ Approve operational changes
- ✅ Manage users within the company
- ✅ Manage change templates
Best For:
- IT managers
- Change managers
- Company administrators
- Department heads
ITIL Principle: Company admins have full control to manage change processes within their scope, including user management and template creation.
Read-Only Viewer
Purpose: Visibility without modification capabilities
Permissions:
- ✅ View changes and their details
- ❌ Cannot create changes
- ❌ Cannot edit changes
- ❌ Cannot approve changes
- ❌ Cannot manage users or templates
Best For:
- Executive stakeholders
- Auditors
- External consultants
- Team members who need awareness without modification rights
ITIL Principle: Provides transparency and oversight while protecting the integrity of change records.
Common Role Assignment Scenarios
Scenario 1: New MSP Technician
Recommended Role: Change Creator
Can submit changes for clients
Cannot approve own work (maintains accountability)
Scenario 2: Senior MSP Engineer
Recommended Roles: Change Creator + Technical Approver
Can create and technically approve changes
Should not approve their own submissions
Scenario 3: MSP Operations Manager
Recommended Role: Company Admin
Full oversight of change processes
Can manage users and approve all change types
Scenario 4: Client IT Manager
Recommended Role: Change Creator (or Viewer if read-only)
Can submit changes affecting their company
MSP handles approvals unless otherwise agreed
Scenario 5: Auditor/Compliance Officer
Recommended Role: Read-Only Viewer
Complete visibility for compliance
Cannot modify change records