Access, licences and benchmark governance
How ICMSCosts separates organisation type, licence entitlement, user roles, data visibility and benchmark approval.
1. The main concepts
| Concept | Examples | Controls | Does not control |
|---|---|---|---|
| User | Named person with login | Authentication, profile, personal identity | Licence entitlement by itself |
| Organisation | Company, government body, individual workspace | Workspace, data ownership, trust level, upload permissions | Whether the user can log in |
| Organisation role | Owner, admin, contributor, analyst, viewer | Member management and permissions inside an organisation | Whether the organisation has paid access |
| Licence | Trial, enterprise, Revit/plugin, API | Seats, expiry, plugin/API entitlement, paid platform access | Whether data is benchmark-approved |
| Programme visibility | Private, organisation, public | Who can see/use the programme within permitted contexts | Whether it is trusted for global benchmarks |
| Benchmark status | Private, submitted, under review, approved, rejected | Whether data can enter approved benchmark calculations | Login, payment, or organisation membership |
2. Organisation types
| Organisation type | Typical user | Commercial meaning | Benchmark contribution |
|---|---|---|---|
| individual | Web registration, solo professional | Paid single-user workspace (or trial) | Sandbox/private unless upgraded and approved |
| commercial | Consultancy, contractor, developer | Paid subscription or enterprise licence | Can submit data if trusted/verified |
| government | Public authority, ministry, infrastructure body | May be strategic/free contributor | Potential trusted contributor |
| academic | University, research body | Free, discounted or research access | Case-by-case approval |
| internal | ICMSCosts/admin team | Operational/internal | Can curate and approve benchmarks |
3. Access tiers and licences
| Access tier | Licence required? | Typical seat model | Platform access | Plugin/API access |
|---|---|---|---|---|
| trial | Yes, trial licence | 1 seat, 7 days | Temporary access | Disabled |
| free | No, or standing free entitlement | Defined by admin | Allowed while tier remains free | Optional |
| professional | Yes | Small team or named seats | Requires active licence | Plan-dependent |
| enterprise | Yes | Configured seat limit or unlimited | Requires active licence | Usually enabled by plan |
| strategic_partner | Usually no standard paid licence | Configured by agreement | Allowed by partner status | Optional/high-trust |
Login is separate from licence entitlement. Expired organisations can still log in to manage billing, members or support, but licensed features such as search/imports/API can be restricted.
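The separation described above can be shown as two independent checks. This is an added example, not ICMSCosts code: the `Org` record, the feature names and the `api_enabled` flag are hypothetical, and it assumes the free and strategic_partner tiers need no licence, as the tier table suggests. Role checks from section 4 would be a further, separate layer.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Feature split follows the paragraph above; the names themselves are hypothetical.
ACCOUNT_FEATURES = {"billing", "members", "support"}   # reachable after expiry
LICENSED_FEATURES = {"search", "imports", "api"}       # need entitlement
TIERS_NEEDING_LICENCE = {"trial", "professional", "enterprise"}


@dataclass(frozen=True)
class Org:                      # hypothetical record shape
    access_tier: str
    licence_expires: Optional[datetime] = None
    api_enabled: bool = False   # plan-dependent plugin/API entitlement


def can_log_in(user_active: bool) -> bool:
    """Authentication depends on the user only, never on the licence."""
    return user_active


def can_use(org: Org, feature: str, now: datetime) -> bool:
    """Authorise one feature for an already authenticated member."""
    if feature in ACCOUNT_FEATURES:
        return True
    if feature not in LICENSED_FEATURES:
        return False                                   # unknown feature: deny
    if org.access_tier in TIERS_NEEDING_LICENCE:
        if org.licence_expires is None or now >= org.licence_expires:
            return False                               # missing or expired licence
    elif org.access_tier not in {"free", "strategic_partner"}:
        return False                                   # unknown tier: deny
    if feature == "api":
        # The trial row lists plugin/API access as disabled regardless of flags.
        return org.api_enabled and org.access_tier != "trial"
    return True


NOW = datetime(2024, 1, 10, tzinfo=timezone.utc)       # constructed clock
TRIAL_LIVE = Org("trial", NOW + timedelta(days=3), api_enabled=True)
TRIAL_EXPIRED = Org("trial", NOW - timedelta(days=1))
ENTERPRISE = Org("enterprise", NOW + timedelta(days=90), api_enabled=True)
PARTNER = Org("strategic_partner")
```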
4. User roles inside an organisation
| Role | View data | Create/edit data | Invite users | Change roles | Typical use |
|---|---|---|---|---|---|
| owner | Yes | Yes | Yes | Yes | Main account holder |
| admin | Yes | Yes | Yes | Yes | Organisation manager |
| contributor | Yes | Yes | No | No | Uploads and maintains data |
| analyst | Yes | Limited/No | No | No | Uses reports and benchmarking |
| viewer | Yes | No | No | No | Read-only access |
5. Data visibility vs benchmark approval
| Programme visibility | Who can see/use it? | Can it be used internally? | Can it enter global peer matching? |
|---|---|---|---|
| private | Uploader/admins | Owner context only | No |
| organisation | Active members of the owning organisation | Organisation context only | No, not within global cache |
| public | Wider authenticated/public context, depending on feature | Yes | Only if benchmark-approved and trusted |

| Benchmark status | Set by | Meaning | Global peer matching? |
|---|---|---|---|
| private | User/system | Not submitted for benchmark use | No |
| submitted | User | Submitted for ICMSCosts review | No |
| under_review | Admin | Being reviewed for benchmark suitability | No |
| approved | Admin | Approved for benchmark calculations | Yes, if public and from non-sandbox/trusted org |
| rejected | Admin | Rejected for benchmark contribution | No |
6. Trust levels and sandbox behaviour
| Data trust level | Typical organisation | Can upload? | Can submit benchmarks? | Can appear in global peer pool? |
|---|---|---|---|---|
| sandbox | Trial/initial web registrations | Yes, for trial/private use | No | No |
| organisation_private | Commercial customer using internal data | Yes | Optional, if enabled | No unless approved and public |
| verified_contributor | Known data contributor | Yes | Yes | Yes, after admin approval |
| system_approved | ICMS-curated/public-sector/strategic dataset | Yes | Yes | Yes, subject to programme status |
Sandbox does not mean a separate database. It means the organisation can evaluate the platform without its data contaminating trusted public benchmark calculations.
7. Global peer matching rule
programme.visibility is public
AND programme.benchmark_status is approved
AND organisation.data_trust_level is not sandbox
This keeps cached peer analysis safe. Private and organisation-only datasets are not used in the global peer cache, preventing restricted data from leaking into results shown to other users.
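The rule in section 7 as a filter applied before anything is written to the shared peer cache. This is an added example, not ICMSCosts code: the record shapes and sample rows are constructed. It fails closed, because a bare "is not sandbox" test would also admit a missing or unrecognised trust level.

```python
from dataclasses import dataclass

# Values taken from the tables on this page; anything else is treated as untrusted.
VISIBILITIES = {"private", "organisation", "public"}
BENCHMARK_STATUSES = {"private", "submitted", "under_review", "approved", "rejected"}
TRUST_LEVELS = {"sandbox", "organisation_private", "verified_contributor", "system_approved"}


@dataclass(frozen=True)
class Organisation:          # hypothetical record shape
    name: str
    data_trust_level: str


@dataclass(frozen=True)
class Programme:             # hypothetical record shape
    name: str
    visibility: str
    benchmark_status: str
    organisation: Organisation


def eligible_for_global_peers(p: Programme) -> bool:
    """Section 7 rule, failing closed on missing or unrecognised values."""
    trust = p.organisation.data_trust_level
    if (p.visibility not in VISIBILITIES
            or p.benchmark_status not in BENCHMARK_STATUSES
            or trust not in TRUST_LEVELS):
        return False  # e.g. None, "Public", or a value added after this rule
    return (p.visibility == "public"
            and p.benchmark_status == "approved"
            and trust != "sandbox")


def build_global_peer_pool(programmes):
    """Filter before caching so restricted rows never enter the shared cache."""
    return [p.name for p in programmes if eligible_for_global_peers(p)]


# Constructed sample data
TRIAL = Organisation("trial-co", "sandbox")
VERIFIED = Organisation("city-authority", "verified_contributor")
UNKNOWN = Organisation("legacy-import", "trusted")  # not a defined trust level
SAMPLE = [
    Programme("rail-a", "public", "approved", VERIFIED),
    Programme("rail-b", "organisation", "approved", VERIFIED),
    Programme("rail-c", "public", "under_review", VERIFIED),
    Programme("rail-d", "public", "approved", TRIAL),
    Programme("rail-e", "public", "approved", UNKNOWN),
]
```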