> ## Documentation Index
> Fetch the complete documentation index at: https://docs.anchorage.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Customizing admin policy

> Configure approval requirements for administrative and user management changes.

Admin policies control who can make administrative changes to your organization — like adding or removing users, changing user roles, and modifying vault settings. By customizing your admin policy, you ensure critical changes require appropriate oversight.

## What admin policy controls

Admin policies define approval requirements for:

* **User management** — Adding, removing, or changing user roles
* **Organization settings** — Changing organization name, contact info, etc.
* **Vault creation** — Creating new vaults (may require approval)
* **Security settings** — Enabling/disabling features, changing recovery options
* **Policy changes** — Modifying other policies themselves
* **Trusted destinations/counterparties** — Adding or removing pre-approved addresses

Not all operations require admin policy approval — see [Admin policies](/knowledge-base/porto/policies/admin-policies) for a complete list.

## Access admin policy settings

<Steps>
  <Step title="Open settings">
    From the home screen, tap **Settings**.
  </Step>

  <Step title="Select policies or admin settings">
    Go to **Policies**, **Admin policy**, or **Administration**.
  </Step>

  <Step title="View current policy">
    You'll see:

    * Current approval requirements
    * Who is designated as an approver
    * Any quorum or multi-signature requirements
    * When the policy was last modified
  </Step>

  <Step title="Tap edit or customize">
    Select **Edit policy** or **Customize** to make changes.
  </Step>
</Steps>

## Customization options

### Single approver requirement

Require one designated approver for admin changes:

* **Simplest model** — One person (often the CEO or CFO) approves all admin changes
* **Speed** — Approvals are fast
* **Risk** — Less oversight if that person is unavailable or compromised

### Multi-approver (quorum) requirement

Require multiple approvers, such as 2 of 3 administrators:

* **More oversight** — Multiple people must approve critical changes
* **Security** — Harder for unauthorized changes to occur
* **Slower** — Takes longer to get approvals
* **Redundancy** — If one approver is unavailable, others can still approve

**Example:** "2 of \{CEO, CFO, Legal Officer}" or "All administrators must approve"

### Role-based requirements

Different requirements based on the change type:

* **Minor changes** — (e.g., updating contact info) may need 1 approver
* **User management** — (adding/removing users) may need 2 approvers
* **Critical changes** — (policy changes, security settings) may need all admins

## Create or edit admin policy rules

<Steps>
  <Step title="Open admin policy">
    Go to **Settings** > **Policies** > **Admin policy**.
  </Step>

  <Step title="Tap add rule or create policy">
    Select **Add rule** or **Create new policy**.
  </Step>

  <Step title="Define the rule">
    Specify:

    * **What action** is this rule for? (user management, policy changes, vault creation, etc.)
    * **Who can approve?** (specific users, roles, or groups)
    * **How many approvers** are required? (1, 2, all, etc.)
    * **Time window** for approval (how long until request expires)
  </Step>

  <Step title="Set thresholds if applicable">
    For some operations, approval might depend on scope:

    * Adding 1 user = 1 approver
    * Adding 5+ users = 2 approvers
    * Or based on role change level
  </Step>

  <Step title="Save the rule">
    Tap **Save** or **Create rule**.
  </Step>

  <Step title="Submit policy for approval">
    Tap **Submit policy** or **Save changes**. Admin policy changes themselves may require approval.
  </Step>

  <Step title="Approve policy change">
    If required by current admin policy, the change must be approved before taking effect.
  </Step>
</Steps>

## Admin policy templates

Your organization can choose from common templates:

### Centralized (single approver)

* **Approver:** CEO or designated administrator only
* **Use case:** Small teams, startup, strong trust in leader
* **Approval time:** Fast
* **Risk level:** Medium (depends on that person's availability and security)

### Distributed (2 of 3 required)

* **Approvers:** 3 administrators, any 2 can approve
* **Use case:** Mid-size organizations wanting checks and balances
* **Approval time:** Medium (faster than all-required, slower than single)
* **Risk level:** Low (requires consensus among multiple people)

### Consensus (all required)

* **Approvers:** All administrators must approve
* **Use case:** High-security orgs, joint custody, important decisions
* **Approval time:** Slow (depends on everyone's availability)
* **Risk level:** Very low (highest oversight)

## Role-based admin rules

You can set different rules by change type:

| Change                   | Rule             | Approvers   |
| :----------------------- | :--------------- | :---------- |
| **Update contact info**  | 1 approver       | Any admin   |
| **Add new user**         | 2 of 3 approvers | Admin group |
| **Remove user**          | 2 of 3 approvers | Admin group |
| **Change user to Admin** | All approvers    | All admins  |
| **Modify admin policy**  | All approvers    | All admins  |
| **Create new vault**     | 2 of 3 approvers | Admin group |

Different changes can have different requirements based on sensitivity.

## Designating approvers

To change who can approve admin changes:

<Steps>
  <Step title="Open admin policy">
    Go to **Settings** > **Policies** > **Admin policy**.
  </Step>

  <Step title="Select approvers">
    Select which users can approve (usually your admin team).
  </Step>

  <Step title="Set approval structure">
    Choose how many approvers are required (1, 2, all, etc.).
  </Step>

  <Step title="Save changes">
    Tap **Save**. Changes to admin policy itself may require approval.
  </Step>
</Steps>

All admins don't automatically get approval power — you must explicitly designate them as approvers in your policy.

## Approval timeouts

Admin policy changes require approval within a certain timeframe:

* **Typical timeout:** 24-72 hours
* **Shorter timeout:** Good for urgent situations (higher risk)
* **Longer timeout:** Good for less urgent matters (gives people time to review)

If an admin policy change isn't approved by the timeout, it expires and must be resubmitted.

## Common admin policy scenarios

**Scenario 1: Small team (3 people)**

* All are admins
* Policy: "All 3 must approve" admin changes
* Result: Highest security, slightly slower approvals

**Scenario 2: Medium organization (10 people, 3 admins)**

* Only 3 designated admins
* Policy: "2 of 3 admins must approve"
* Result: Faster than consensus, still multiple eyes

**Scenario 3: Large organization (100+ people, 5 admins)**

* 5 admins, some designated as "Super Admins"
* Policy: "For user add/remove: 1 super admin + 1 regular admin. For policy changes: all super admins"
* Result: Scalable, different levels of oversight

**Scenario 4: Distributed/DAO structure**

* 7 members in a decentralized organization
* Policy: "Any 4 of 7 members must approve admin changes"
* Result: Democratic, distributed approval

## Monitoring admin activities

Even though policy approvals control admin changes, you should still monitor:

1. **View audit log** — See all admin changes and who approved them
2. **Review user access** — Regularly verify who has access and their roles
3. **Check policy changes** — Ensure policies haven't been unexpectedly modified
4. **Monitor approvals** — See who's approving changes and when

This helps catch unauthorized or suspicious activities.

## Emergencies and exceptions

If your admin policy prevents necessary changes (e.g., all approvers are unavailable):

1. **Contact Porto support** — Explain the situation
2. **Provide verification** — Porto may verify your identity or ownership
3. **Emergency override** — In extreme cases, Porto may help with recovery
4. **Adjust policy afterward** — Consider policy changes to avoid future emergencies

Note: Emergency overrides leave an audit trail and should be rare.

## Best practices for admin policy

* **Require multiple approvers** — Especially for sensitive changes
* **Separate roles** — Different people should submit and approve changes
* **Document policy** — Record why your policy is structured this way
* **Review regularly** — Quarterly review of admin policy and approvals
* **Avoid single points of failure** — Always have backup approvers
* **Test the flow** — Make a low-risk change to ensure your policy works as expected
* **Communicate policy to admins** — All admins should know the approval requirements
