For a normal user we have 4 different access levels that is:
The meaning of these are:
- Read: The user has read access to the places you set this access
- Edit: The user has edit access on the places you set this access, i.e edit of documents
- Create: With this access users can i.e create documents but not approve them.
- Approve: User will be able to approve documents, risks etc.
The best solution is to set these access levels in access groups and add users to the groups as described in this article: Add users to access groups