How to set up role based access and permissions in Aviso for large sales teams

If you manage a big sales team, you know the pain: too many cooks in the kitchen, random people editing deals, sensitive data in the wrong hands. Setting up roles and permissions isn’t glamorous, but it’s the difference between order and chaos. This guide walks you through setting up role-based access in Aviso—with all the gotchas, shortcuts, and honest advice you actually need.

Who’s this for? Anyone wrangling a sales org in Aviso with more than a handful of reps, especially if you need to keep data locked down and workflows tight.

Step 1: Get Clear on What You Actually Need

Don't start clicking around in Aviso yet. First, sketch out what roles your team actually needs. Overcomplicating this will only make life harder later on.

Start by answering: - Who needs to see everything (admins, execs)? - Who should only see their own data (reps)? - Who needs to edit, approve, or just observe (managers, ops)? - Any contractors or cross-team folks who need limited access?

Pro tips: - Keep the number of roles as small as possible. Three to five is plenty for most large teams. - Don’t let titles drive your roles. Focus on what people actually do in Aviso. - Write down the permissions for each role, even if it’s just in a doc. You’ll thank yourself later.

What to ignore:
Fancy org charts. Base roles on real workflows, not job titles.

Step 2: Map Out Permissions (Before You Touch Aviso)

Every sales tool has its own quirks for permissions. Aviso is flexible, but it can be a mess if you wing it.

Permissions to consider: - View vs. Edit: Who can just look, and who can change things? - Deal Access: Can reps see each other's deals? Or just their own? - Forecasting: Who can submit or override forecasts? - Reporting: Who can view sensitive metrics (pipeline, revenue, etc.)? - Admin: Who can add/remove users or change settings?

Quick framework:
| Role | View Deals | Edit Deals | Forecast | Admin | Reports | |--------------|------------|------------|----------|-------|---------| | Sales Rep | Own | Own | No | No | Limited | | Manager | Team | Team | Yes | No | Full | | Executive | All | No | Yes | No | Full | | Admin | All | All | Yes | Yes | Full |

Real talk:
Not everyone needs admin rights—even if they ask. Keep the admin group tiny.

Step 3: Set Up Roles in Aviso

Now you’re ready to get into Aviso and build out your roles.

  1. Login as an admin. Only admins can create or change roles.
  2. Go to Settings > User Management > Roles.
  3. Create a new role for each group you mapped out. Don’t get cute with names—keep it obvious (e.g., “Sales Rep,” “Manager”).
  4. Assign permissions for each role, matching what you mapped in the table above.
  5. Most permissions are toggles—read the descriptions carefully.
  6. When in doubt, start with the least access and add more later.
  7. Save each role as you go. Double-check the summary screen to catch any mistakes.

Pro tips: - Use the “Clone Role” feature if you have similar roles (like Sales Rep vs. Sales Contractor). - Document who has which role somewhere outside Aviso (shared doc, spreadsheet, etc.). It’s too easy to lose track otherwise.

Common pitfalls: - Giving managers admin by default (don’t). - Overlapping permissions that make troubleshooting a nightmare. - Forgetting to hit “Save”—seriously, it happens.

Step 4: Assign Users to Roles

This is where things get tedious, especially if you’ve got dozens or hundreds of users.

  1. Bulk import if possible: Aviso supports CSV import for user-role assignments. Prepare a simple spreadsheet:
    • First Name
    • Last Name
    • Email
    • Role
  2. Manual assignment: For a handful of users, you can assign roles one-by-one in User Management.
  3. Double-check assignments: Spot check a few users in each role to make sure permissions look right.

Pro tips: - Set up a test account with each role. Log in as that user to see exactly what they can (and can’t) do. - Tell your team about the changes before you lock things down. Otherwise, you’ll get flooded with “Why can’t I see my deals?” tickets.

What to ignore:
Assigning roles based on what people “might need someday.” Start strict, loosen up later if you have to.

Step 5: Test Your Role Setup—Really Test It

Don't just trust that your setup works. Test it like a paranoid auditor.

  • Impersonate users: Aviso lets admins “impersonate” users to check access. Use this for every role.
  • Try common tasks: For each role, check:
    • Can they see the right deals?
    • Can they edit what they should (and nothing more)?
    • Can they access sensitive reports?
    • Are admin settings hidden from non-admins?
  • Ask for feedback: Have a few real users poke around for a day and report back.

Pro tips: - Keep a checklist for testing each role. - Plan for tweaks. You’ll almost always need to adjust something once people start using it.

Biggest mistake to avoid:
Skipping this step and assuming your permissions are fine. Broken access controls are a nightmare to fix later.

Step 6: Maintain and Review Regularly

Roles and permissions aren’t set-and-forget, especially with a big team and regular turnover.

  • Quarterly review: Once a quarter, review who has which roles. Remove access from anyone who’s left or changed jobs.
  • Audit logs: Aviso tracks admin changes—use these logs if something weird happens.
  • Keep documentation updated: If you change a role, update your doc/spreadsheet.

Pro tips: - Run a “least privilege” check: Does anyone have more access than they need? - Clean up unused roles—don’t let them pile up.

What to ignore:
Building complex, multi-layer “just in case” roles. Complexity is the enemy here.

What Works, What Doesn’t, and What to Skip

What Works

  • Fewer, well-defined roles.
  • Least privilege as the default.
  • Documenting everything outside Aviso (in case someone changes settings by accident).

What Doesn’t

  • Granting blanket admin or “just in case” access.
  • Over-customizing roles for every unique user.
  • Ignoring regular reviews—permissions drift fast.

What to Ignore

  • Fancy org structures that don’t match actual workflows.
  • One-off requests for special access—unless truly justified.

Keep It Simple and Iterate

Setting up role-based access in Aviso isn’t rocket science, but it’s easy to overthink. Start with simple, clear roles, lock things down, and be ready to adjust as your team grows or changes. Don’t chase perfection—just make sure the right people see (and can edit) the right stuff.

Got a mess to clean up? Don’t panic. Tackle it one role at a time, test as you go, and keep your documentation tight. The simpler you keep it, the less likely you’ll wake up to chaos in your pipeline later.

Good luck—and don’t forget to hit Save.