Modified on Tue, 24 Jul 2018 at 11:52 AM

Roles are assigned to users and can be set on the edit user page. They are cumulative and do not cascade, so if a user needs both manager and auditor privileges both roles must be toggled on. 

  • OrgAdmin - Grants edit access to all organization wide settings. Can enable all roles on users.*
  • SiteAdmin - Grants edit access to site specific settings. Can enable SiteAdmin role and below on users. Allows the reassignment of responsible parties on mitigations.*
  • AuditAuthor - Grants edit access to Documents and the Question Library. Can assign audits.
  • Auditor - Must be enabled for audits to be assigned. Grants access to complete and submit audits.
  • Manager - Must be enabled for user to be set as a responsible party. Grants access to reports.
  • DataEntry - Causes all audits to be visible on dashboard, allows the entry of historical audit information.*


    • The OrgAdmin and SiteAdmin roles are the only two with the ability to delete scheduled audits.
    • The DataEntry role should be disabled for most users, if this role is enabled the user will see all audits assigned to all users on their homepage.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article