Permissions are set at two levels: "roles" and "users."
The account owner (super admin, so to speak) sets the initial roles and permissions as part of admin setup, and creates initial users. Thereafter, the users that were created can create roles (and users) within the permissions the admin created for them. If you do not have the permissions you need, contact your admin for more information.
A defined role must be in place before a new user can created. The role contains a layer of permissions. When the user is created, another layer of permissions is defined, down to specific areas and for specific transactions, if required.
For step-by-step instructions see: