What takes precedence - global permissions or role permissions?

Global permissions are designed to establish a baseline for access across the entire NetSuite instance and apply universally to all roles and users. This means that regardless of the specific role a user may have, the restrictions or allowances set at the global level will be applied first.

When global permissions are configured, they take precedence over role-specific permissions. Therefore, if a global permission denies access to a specific area of functionality, that limitation will generally apply even if a user's assigned role would normally provide access. This hierarchical structure ensures consistent security and access control across the system by prioritizing broader global settings over role-specific details.

Therefore, the determination that global permissions override role permissions is crucial for administrators to understand when configuring access levels. It helps ensure that security policies are uniformly enforced throughout the organization, preventing unintended data exposure or privilege escalation based on individual role settings.