howto "auditor" access permissions

[dalescott]

Hi, is it possible with the security model available to create a "read-only" user?

I would like to give someone, e.g. an auditor, the ability to view anything in the system in the system, but not be allowed to enter, edit, create, or modify anything.

So far, it seems Security Tokens 0 (Main Index Page) and 2 (Basic Reports and Inquiries with selection options) are sufficient, but can anyone say if this will be enough access to see everything? Does this not restrict enough?

Thanks,
Dale