Back-end user (analyst) needs access to type comments for co-workers when reviewing applications submitted by end-users (applicants). However, back-end user (analyst) should not have access to change information/ data submitted by end-users (applicants). Does the back-end user (analyst) need "writer" access under security roles just to leave comments?
Nothing has been tried, this is to be included in the business requirements document.