CRAIM is a company-scoped system. Access should reflect the real operating structure of the team.
Access model
The platform applies company-level boundaries and authenticated access to CRM data, inbox views, AI settings, and integrations.
Invite flow
Use invitations to add new teammates into the workspace with the correct company context instead of sharing one account.
Permission design principles
- keep admin access narrow
- separate operational execution from configuration access
- review who can change channel credentials, approval rules, and AI behavior
Recommended ownership
Admin or RevOps
- integrations
- settings
- subscriptions
- routing defaults
Sales leadership
- pipeline rules
- qualification standards
- AI operating policy
- approvals
Operators
- inbox handling
- task execution
- lead follow-up
Multi-tenant boundary
Data should always be treated as company-scoped. A teammate should only operate within the company workspace they belong to. This matters especially for:
- channels
- knowledge documents
- AI workspace memory
- subscriptions
- imported CRM data
Audit mindset
If a teammate leaves or changes role, you should be able to answer:
- which workspace they belonged to
- what access they had
- which operational areas they could edit
- whether they could approve customer-facing output