In most restaurants, revenue leakage does not happen through “big theft.” It happens through small, frequent actions: uncontrolled discounts, suspicious voids, deleted items, and untracked refunds. These actions are hard to spot if everyone has the same access.

"When permissions are clear, accountability becomes automatic—and abuse becomes difficult."

iRestaurant helps you assign roles and permissions so staff only access what they need to do their job. You can also enforce manager approvals for sensitive actions and maintain an audit trail for every key change.

Why roles and permissions matter

• Reduce fraud: limit discounts/voids to approved roles only.
• Improve accountability: every action is tied to a staff account.
• Protect pricing: prevent unauthorized item price edits.
• Standardize operations: staff follow the same process across shifts and branches.

Recommended roles (simple and practical)

• Waiter: create orders, send KOT, request bill, view assigned tables.
• Cashier: receive payments, print receipts, close bills, view daily sales.
• Supervisor: approve small discounts/voids, manage shift handover, view reports.
• Manager/Admin: manage menus, pricing, staff, settings, advanced reports.

Actions that should require approval

• Discounts above a threshold: e.g., anything above 5% or KES 200.
• Voids after KOT: if the kitchen has already received the ticket.
• Bill cancellation: after payment was initiated or recorded.
• Item price edits: prevent on-the-fly price changes at the counter.
• Refunds: always manager-approved and recorded with reasons.

A simple policy to implement this week

• Step 1: create staff accounts (no shared logins).
• Step 2: assign roles: waiter, cashier, supervisor, manager.
• Step 3: set approval rules for discounts, voids, cancellations.
• Step 4: require reasons (short notes) for sensitive actions.
• Step 5: review the audit report weekly and address exceptions.

What to review every week

• Top staff by discounts and total discounted amount.
• Number of voids/cancellations, by staff and by time of day.
• Refund count and reasons.
• Any repeated patterns on peak hours or specific shifts.

If your team is honest, permissions still help you operate consistently. If your team is not, permissions protect your business. Either way, role-based access is a non-negotiable control for modern restaurant operations.