NetSuite Roles and Permissions: Access Control Guide

Aaxonix Team Aaxonix Team · Mar 30, 2026 · 4 min read #NetSuite #Permissions #Roles
NetSuite Roles and Permissions: Access Control Guide

NetSuite’s role-based access system gives each user access to exactly what they need. Sales reps see their deals and customer records. Warehouse staff see inventory and fulfilment. The CFO sees everything. For Indian mid-market companies with 20 to 200 users across departments, getting roles and permissions right is critical for data security and operational efficiency.

Role-based access control configuration in NetSuite

How NetSuite Roles Work

Every NetSuite user is assigned one or more roles. A role defines which modules, records, reports, and actions the user can access. NetSuite ships with 20+ standard roles (Administrator, Sales Manager, Accountant, Warehouse Manager, etc.) that cover most common configurations.

Standard Roles for Indian Businesses

RoleAccess
Sales RepOwn leads, contacts, opportunities, quotes
Sales ManagerAll sales data, team pipeline, forecasts
AccountantGL, AP, AR, bank reconciliation, reports
A/P ClerkVendor bills, payments, PO matching
WarehouseInventory, fulfilment, receiving, transfers
ExecutiveDashboards, KPIs, all reports (read-only)
AdministratorFull access including configuration

Creating Custom Roles

Go to Setup > Users/Roles > Manage Roles > New. A custom role is a permission set you build from scratch. For each transaction type, set permission to None, View, Create, Edit, or Full. For example, a “Purchase Coordinator” role might have Create and Edit on Purchase Orders but View-only on Vendor Bills.

Segregation of duties for audit compliance

Record-Level Restrictions

Beyond role permissions, restrict record access by department, subsidiary, or location. A salesperson in the West India team sees only customers and deals in the West India subsidiary. A warehouse manager in the Mumbai location sees only Mumbai inventory. Configure these restrictions in the role settings under Audience.

Segregation of Duties

For audit compliance, ensure no single user can both create a vendor bill and approve its payment. NetSuite supports segregation of duties by assigning different roles for creation and approval. The person who enters a vendor bill should not be the same person who releases the payment.

Frequently Asked Questions

How many roles can a user have?
A user can have multiple roles and switch between them. Common pattern: a finance manager has both Accountant and A/P Manager roles, switching based on the task. Each role change adjusts the user’s access and menu options immediately.
Can I restrict access to specific fields on a record?
Yes. Use field-level permissions and form customisation. Create a custom form for a specific role that hides sensitive fields (like cost price or margin) while showing the rest. Different roles can use different forms for the same record type.
How do I audit who accessed what in NetSuite?
NetSuite logs all record views, edits, and deletions in the system audit trail. Administrators can review login history, record access logs, and permission changes. For Indian companies subject to statutory audits, this trail demonstrates proper access control.
Can external users (vendors, customers) get limited access?
Yes. NetSuite supports customer and vendor center roles. These are limited portals where external users can view their own transactions (orders, invoices, support cases) without seeing internal data. Useful for customer self-service and vendor invoice submission.
Share this article LinkedIn Twitter / X
# NetSuite # Permissions # Roles # Security

Keep Reading

← Back to all articles

Thinking about Zoho or NetSuite?

Our team builds systems that actually work. No fluff, just honest architecture and clean implementation.

Schedule a free consultation View case studies