Báo cáo và Phân quyền - Reporting & Permissions
1. Role-Based Access Control (RBAC)
1.1. Roles trong hệ thống
| Role | Description | Primary Responsibility |
|---|---|---|
| Accountant | Kế toán | Contract, Payment, Invoice management |
| PM | Project Manager | Budget allocation, Campaign planning, Vendor management |
| Ads Team | Ads Specialist | Execute campaigns, Optimize performance |
| Finance | Finance Manager | Cashflow, Financial planning |
| Director | Giám đốc | Strategic oversight, Approvals, P&L review |
| Admin | System Admin | User management, System configuration |
1.2. Permission Matrix
| Function | Accountant | PM | Ads Team | Finance | Director | Admin |
|---|---|---|---|---|---|---|
| Contract Management | ||||||
| Create Contract | ✓ | - | - | - | ✓ | - |
| Edit Contract | ✓ | - | - | - | ✓ | - |
| Delete Contract | - | - | - | - | ✓ | ✓ |
| View All Contracts | ✓ | - | - | ✓ | ✓ | ✓ |
| Scope Management | ||||||
| Create Scope | ✓ | ✓ | - | - | ✓ | - |
| Edit Scope | ✓ | ✓ (own) | - | - | ✓ | - |
| Delete Scope | - | - | - | - | ✓ | ✓ |
| View Scope Financial | ✓ | ✓ (own) | - | ✓ | ✓ | - |
| Campaign Management | ||||||
| Create Campaign Plan | - | ✓ | - | - | - | - |
| Edit Campaign Plan | - | ✓ (own) | - | - | ✓ | - |
| View Campaign Budget | - | ✓ | ✓ (assigned) | ✓ | ✓ | - |
| Approve Budget Increase | - | - | - | - | ✓ | - |
| Milestone & Payment | ||||||
| Create Milestone | ✓ | - | - | - | ✓ | - |
| Edit Milestone | ✓ | - | - | - | ✓ | - |
| Issue Invoice | ✓ | - | - | - | - | - |
| Record Payment | ✓ | - | - | - | - | - |
| Vendor Management | ||||||
| Create Vendor | - | ✓ | - | - | - | ✓ |
| Assign Vendor | - | ✓ | - | - | - | - |
| Approve Vendor Payment | - | ✓ | - | - | ✓ | - |
| Process Vendor Payment | ✓ | - | - | - | - | - |
| View Vendor Cost | - | ✓ (own) | - | ✓ | ✓ | - |
| Financial Reports | ||||||
| View Cashflow | ✓ | - | - | ✓ | ✓ | - |
| View P&L | ✓ | ✓ (own scope) | - | ✓ | ✓ | - |
| View Profit Margin | - | ✓ (own) | - | ✓ | ✓ | - |
| Export Financial Data | ✓ | - | - | ✓ | ✓ | - |
| System Administration | ||||||
| Create User | - | - | - | - | - | ✓ |
| Assign Roles | - | - | - | - | - | ✓ |
| System Configuration | - | - | - | - | - | ✓ |
| View Audit Logs | - | - | - | - | ✓ | ✓ |
1.3. Data Access Rules
Accountant
- View: All contracts, scopes, milestones
- Edit: Contracts, scopes, milestones, payment records
- Cannot: Delete contracts, approve budget increases
PM
- View: Own scopes, campaigns, vendor assignments
- Edit: Own campaign plans, vendor assignments
- Cannot: View other PMs' financial data, edit contracts
Ads Team
- View: Assigned campaigns (budget, KPI targets)
- Edit: Nothing in the system (chỉ execute campaigns on ads platform)
- Cannot: View costs, margins, other campaigns
Finance
- View: All financial data (cashflow, P&L, budgets)
- Edit: Nothing (read-only)
- Cannot: Create/edit contracts or campaigns
Director
- View: Everything
- Edit: Everything (with audit trail)
- Approve: Budget increases, major changes
Admin
- View: System configuration, user management
- Edit: User roles, permissions, system settings
- Cannot: View financial data (unless also has Finance role)
2. Dashboard theo Role
2.1. Accountant Dashboard
ACCOUNTANT DASHBOARD
═════════════════════════════════════════════════
📋 CONTRACTS
──────────────────────────────────────────────────
Active Contracts: 8
Total Value: 12,500M VND
Pending Milestones: 15
📝 INVOICES TO ISSUE
──────────────────────────────────────────────────
FB01 - Phase 1 Ready 300M Due: Mar 31
TT01 - Phase 1 Ready 250M Due: Jun 30
💰 ACCOUNTS RECEIVABLE
──────────────────────────────────────────────────
Outstanding: 950M VND
Overdue: 200M VND
Due This Month: 450M VND
⚠ ALERTS
──────────────────────────────────────────────────
[!] 2 invoices overdue \> 15 days
[!] 3 milestones ready to invoice
2.2. PM Dashboard
PM DASHBOARD - Nguyen Van B
═════════════════════════════════════════════════
📊 MY SCOPES (5)
──────────────────────────────────────────────────
Scope | Budget Usage | KPI Progress | Status
──────────────────────────────────────────────────
FB01 | 75% | 80% | ✓ On Track
TT01 | 62% | 85% | ✓ Ahead
WEB01 | 90% | 100% | ✓ Complete
APP01 | 45% | 32% | ⚠ Behind
💡 RECOMMENDATIONS
──────────────────────────────────────────────────
- APP01: KPI behind schedule, review targeting
- FB01: Budget 75% used with 50% time remaining
🎯 UPCOMING MILESTONES
──────────────────────────────────────────────────
FB01 Phase 1 1,250 leads needed 15 days left
2.3. Finance Dashboard
FINANCE DASHBOARD
═════════════════════════════════════════════════
💰 CASHFLOW FORECAST (Next 3 Months)
──────────────────────────────────────────────────
Inflow Outflow Net Cumulative
Feb 600M 550M +50M +50M
Mar 750M 655M +95M +145M
Apr 500M 555M -55M +90M
⚠ WARNING: April shows negative cashflow
📊 CURRENT POSITION
──────────────────────────────────────────────────
Cash Balance: 350M VND
Receivables: 950M VND
Payables: 285M VND
Net Position: 1,015M VND
🚨 ALERTS
──────────────────────────────────────────────────
[!] April cashflow risk: -55M
[!] 2 invoices overdue
[!] Reserve below target (350M vs 500M)
2.4. Director Dashboard
DIRECTOR DASHBOARD
═════════════════════════════════════════════════
📈 BUSINESS OVERVIEW
──────────────────────────────────────────────────
Active Contracts: 8
Total Contract Value: 12,500M VND
YTD Revenue: 3,200M VND
YTD Profit: 640M VND
Profit Margin: 20% ✓
💼 SCOPE PERFORMANCE
──────────────────────────────────────────────────
Total Scopes: 15
On Track: 10 (67%)
At Risk: 3 (20%)
Completed: 2 (13%)
🎯 TOP PERFORMERS (By Margin)
──────────────────────────────────────────────────
WEB01 - Kewpie LP 46% Profit: 23M
HOST01 - Hosting 60% Profit: 7M
FB01 - Facebook 25% Profit: 50M
⚠ BOTTOM PERFORMERS
──────────────────────────────────────────────────
APP01 - Mobile -5% Loss: -2M
GG01 - Google 12% Profit: 8M
🚨 APPROVAL REQUIRED (3)
──────────────────────────────────────────────────
[!] FB02: Budget increase 200M → 250M
[!] TT01: Vendor payment overdue 7 days
[!] APP01: Project at risk, action plan needed
3. Standard Reports
3.1. Contract Performance Report
CONTRACT PERFORMANCE REPORT
Contract: KWP2026 - Kewpie Vietnam
Period: 2026-01-01 to 2026-12-31
═════════════════════════════════════════════════
OVERVIEW
──────────────────────────────────────────────────
Contract Value: 2,400M VND
Margin Target: 20%
Status: Active
Duration: 365 days (45 elapsed, 320 remaining)
SCOPE BREAKDOWN
──────────────────────────────────────────────────
Scope | Revenue | Cost | Profit | Margin | Status
────────────────────────────────────────────────────
FB01 | 1,000M | 800M | 200M | 20% | Active
TT01 | 500M | 400M | 100M | 20% | Active
WEB01 | 50M | 27M | 23M | 46% | Complete
HOST01 | 12M | 5M | 7M | 58% | Active
────────────────────────────────────────────────────
TOTAL | 1,562M | 1,232M | 330M | 21% |
PROGRESS
──────────────────────────────────────────────────
Time Elapsed: 12% (45/365 days)
Revenue Achieved: 35% (850M/2,400M)
Milestones Paid: 3/8 (37.5%)
CASHFLOW
──────────────────────────────────────────────────
Cash In: 850M VND
Cash Out: 720M VND
Net Cashflow: +130M VND
STATUS: ✓ ON TRACK
3.2. P&L Report by Scope
PROFIT & LOSS BY SCOPE
Period: Q1 2026
═════════════════════════════════════════════════
Scope | Revenue | Ads | Vendor | Infra | Total Cost | Profit | Margin
──────────────────────────────────────────────────────────────────────────────
FB01 | 300M | 240M | 0 | 0 | 240M | 60M | 20%
TT01 | 250M | 200M | 0 | 0 | 200M | 50M | 20%
WEB01 | 50M | 0 | 25M | 2M | 27M | 23M | 46%
HOST01 | 3M | 0 | 0 | 1M | 1M | 2M | 67%
APP01 | 100M | 0 | 105M | 0 | 105M | -5M | -5%
──────────────────────────────────────────────────────────────────────────────
TOTAL | 703M | 440M | 130M | 3M | 573M | 130M | 18.5%
ANALYSIS:
- 4/5 scopes profitable
- APP01 running at loss (-5M), review vendor cost
- Overall margin 18.5% (target: 20%)
3.3. Cashflow Report
CASHFLOW REPORT
Period: Q1 2026 (Jan - Mar)
═════════════════════════════════════════════════
CASH INFLOW
──────────────────────────────────────────────────
Jan Feb Mar Total
Client Payments 450M 300M 250M 1,000M
Retainer Fees 50M 50M 50M 150M
──────────────────────────────────────────────────
Total Inflow 500M 350M 300M 1,150M
CASH OUTFLOW
──────────────────────────────────────────────────
Jan Feb Mar Total
Ads Spend 180M 220M 200M 600M
Vendor Payments 80M 60M 50M 190M
Infrastructure 15M 15M 15M 45M
Operations 70M 70M 70M 210M
──────────────────────────────────────────────────
Total Outflow 345M 365M 335M 1,045M
NET CASHFLOW
──────────────────────────────────────────────────
Jan Feb Mar Total
Net +155M -15M -35M +105M
Cumulative 155M 140M 105M
CLOSING BALANCE: 305M VND
(Opening: 200M + Net: 105M)
3.4. Budget Utilization Report
BUDGET UTILIZATION REPORT
As of: 2026-03-15
═════════════════════════════════════════════════
Campaign | Budget | Spend | % Used | Remaining | Status
────────────────────────────────────────────────────────────────────────────
Kewpie-FB01-Office-P1 | 200M | 150M | 75% | 50M | ✓
Kewpie-FB01-Housewife-P1 | 250M | 180M | 72% | 70M | ✓
Kewpie-TT01-Video-P1 | 200M | 125M | 62% | 75M | ✓
Vinamilk-GG01-Search-P1 | 150M | 148M | 99% | 2M | ⚠
────────────────────────────────────────────────────────────────────────────
ALERTS:
- Vinamilk-GG01-Search-P1: 99% budget used, consider pause or increase
3.5. Vendor Performance Report
VENDOR PERFORMANCE REPORT
Period: Q1 2026
═════════════════════════════════════════════════
Vendor | Projects | Total Cost | Avg Rating | On-time % | Status
────────────────────────────────────────────────────────────────────────
ABC Dev | 3 | 75M | 4.5 | 100% | Excellent
XYZ Studio | 2 | 40M | 4.0 | 100% | Good
DEF Agency | 1 | 105M | 2.5 | 0% | Poor
────────────────────────────────────────────────────────────────────────
RECOMMENDATION:
- DEF Agency: Low rating + late delivery, consider alternatives
- ABC Dev: Excellent track record, preferred vendor
4. Alert System
4.1. Alert Types & Priorities
| Alert Type | Priority | Trigger | Recipients |
|---|---|---|---|
| Budget Overrun | Critical | Spend >= 100% | PM, Director |
| KPI Behind | High | Gap < -20% | PM |
| Invoice Overdue | High | > 15 days overdue | Accountant, Finance, Director |
| Negative Cashflow | High | Projected net < 0 | Finance, Director |
| Vendor Payment Overdue | Medium | > 7 days overdue | Accountant |
| Budget Warning | Medium | Spend >= 95% | PM |
| Milestone Ready | Low | KPI achieved | Accountant |
4.2. Alert Channels
# Email alert
def send_email_alert(alert):
subject = f"[{alert.priority}] {alert.type}"
recipients = get_recipients_by_role(alert.roles)
send_email(recipients, subject, alert.message)
# Slack notification
def send_slack_alert(alert):
channel = get_channel_by_priority(alert.priority)
post_to_slack(channel, alert.message)
# SMS (for critical alerts only)
def send_sms_alert(alert):
if alert.priority == 'critical':
recipients = get_director_phone()
send_sms(recipients, alert.message)
# In-app notification
def create_in_app_notification(alert):
for user in alert.recipients:
create_notification(user, alert)
4.3. Alert Settings (Configurable)
Users có thể configure:
- Kênh nhận alert (email, slack, sms, in-app)
- Alert types muốn nhận
- Frequency (instant, hourly digest, daily digest)
- Quiet hours (không gửi alert từ 10 PM - 7 AM)
5. Export & Integration
5.1. Export Formats
| Report Type | Formats Available |
|---|---|
| Financial Reports | PDF, Excel, CSV |
| Performance Reports | PDF, Excel, PowerPoint |
| Raw Data | CSV, JSON, SQL dump |
| Dashboards | PDF screenshot |
5.2. Scheduled Reports
# Daily report - gửi 7 AM
schedule_report(
name="Daily Performance Summary",
recipients=["[email protected]", "[email protected]"],
format="PDF",
schedule="0 7 * * *" # Daily at 7 AM
)
# Weekly report - gửi Monday 9 AM
schedule_report(
name="Weekly P&L Summary",
recipients=["[email protected]", "[email protected]"],
format="Excel",
schedule="0 9 * * 1" # Monday at 9 AM
)
# Monthly report - gửi ngày 1 mỗi tháng
schedule_report(
name="Monthly Business Review",
recipients=["[email protected]", "[email protected]"],
format="PowerPoint",
schedule="0 9 1 * *" # 1st day of month at 9 AM
)
5.3. API for External Systems
// Get contract data
GET /api/v1/contracts/{contract_code}
// Get scope performance
GET /api/v1/scopes/{scope_id}/performance
// Get cashflow forecast
GET /api/v1/cashflow/forecast?months=3
// Get P&L
GET /api/v1/reports/pl?start_date=2026-01-01&end_date=2026-03-31
6. Audit Trail
6.1. What to Audit
Tất cả actions quan trọng phải log:
- Contract create/edit/delete
- Scope create/edit
- Campaign budget changes
- Milestone status changes
- Payment records
- Vendor assignments
- User role changes
6.2. Audit Log Schema
{
"audit_id": "AUD-20260115-001",
"timestamp": "2026-01-15T14:30:00Z",
"user_id": "USR-123",
"user_name": "Nguyen Van B",
"user_role": "PM",
"action": "update",
"entity_type": "campaign_plan",
"entity_id": "CMP-PLN-001",
"field_changed": "budget_allocated",
"old_value": "200000000",
"new_value": "250000000",
"reason": "Budget increase approved by Director",
"ip_address": "192.168.1.100"
}
6.3. Audit Report
AUDIT LOG REPORT
User: Nguyen Van B (PM)
Period: 2026-01-15
═════════════════════════════════════════════════
Time | Action | Entity | Changes
──────────────────────────────────────────────────
14:30 | UPDATE | Campaign FB01 | Budget: 200M → 250M
14:35 | CREATE | Vendor Assign | Vendor: ABC Dev, Cost: 25M
15:00 | UPDATE | Scope WEB01 | Status: active → completed
All actions within user permissions ✓
7. Data Privacy & Security
7.1. Sensitive Data
| Data Type | Access Level | Encryption |
|---|---|---|
| Contract Values | Accountant, Finance, Director only | At rest |
| Profit/Loss | PM (own), Finance, Director | At rest |
| Vendor Payments | Accountant, Finance, Director | At rest + in transit |
| Client Info | All | At rest |
| User Credentials | Admin only | Hashed (bcrypt) |
7.2. Data Retention
- Active contracts: Unlimited
- Completed contracts: 7 years (legal requirement)
- Audit logs: 5 years
- Performance data: 3 years
- Temporary data (caches): 30 days
7.3. Compliance
- GDPR (nếu có EU clients): Right to be forgotten, Data portability
- Vietnam Data Protection: Comply với luật bảo vệ dữ liệu cá nhân
- Financial Records: Lưu trữ theo quy định pháp luật (7 years)
8. Best Practices
8.1. Report Design
- Executive Summary first: Key metrics trước, details sau
- Visual > Text: Charts, graphs thay vì tables dài
- Actionable insights: Không chỉ show data, mà gợi ý actions
- Consistent format: Template giống nhau để dễ compare
8.2. Permission Management
- Principle of Least Privilege: Chỉ cấp quyền cần thiết
- Role-based, not user-based: Gắn quyền với role, không với individual users
- Regular review: Quarterly review user permissions
- Separation of Duties: Người tạo invoice khác người approve payment
8.3. Alert Management
- Don't cry wolf: Chỉ alert khi thật sự cần
- Prioritize correctly: Critical phải là critical, không abuse
- Actionable: Alert phải kèm hướng xử lý
- Right channel: SMS cho critical, email cho normal
9. Future Enhancements
9.1. AI-Powered Insights
- Predictive cashflow analysis
- Anomaly detection in spend patterns
- Budget optimization recommendations
- Vendor performance prediction
9.2. Advanced Dashboards
- Real-time streaming dashboards
- Custom dashboard builder
- Mobile app with push notifications
- Voice-activated reports (Alexa/Google Home)
9.3. Integrations
- ERP systems (SAP, Oracle)
- CRM systems (Salesforce, HubSpot)
- Accounting software (Xero, QuickBooks)
- Business intelligence tools (Tableau, Power BI)