Adding a user to an access review

Roles and permissions

The following roles can add users to an access review:

Administrators with manager permissions for the access review
Compliance managers with manager permissions for the access review
Users with manager permissions for the access review

Users can be added to an access review in several ways that vary depending on the function of that user within the access review.

To access the review where you want to add users:

From the left menu, select Access reviews.
Select the access review where you want to add users.
The dashboard displays.
Review the sections below for information on adding each user type.

Adding a user as a member

By default, the new user is added to the access review as a contributor.

From the access review dashboard, click the + icon in the facepile at the top right side of the page.
The Member access window displays.
Select a user from the Name drop-down menu. If the user you want to add does not exist in your organization, click the Add them to Hyperproof link to invite them to your organization and add them to the access review.
Tip
You can select multiple users as long as they have the same object-level role.
From the Role drop-down menu, select the user's role.
Roles and permissions overview for objects
Facepiles are found on all individual objects, such as risks, and in parent modules, such as the Risk Register. You can add a user to a specific object OR the entire module.
Object roles include:
- Managers
  Can manage content, members, and settings
  Can share, add, edit, or remove files
- Contributors
  Can share, add, edit, or remove files
  Cannot add members or manage settings
- Viewers
  Can view information about objects where they are a member or have inherited access
  Can export objects from the grid view if they are members of the objects or have inherited access
Optionally, enter a message. This message is included in the email notification sent to the user letting them know that they are now a member.
Click Add.
If notifications are enabled, an email is sent notifying the user that they have been added.

Adding a user as a reviewer or system administrator

Users who are added as reviewers or sysadmins do not need to be added directly to the access review through the facepile. Simply assigning user access records to a reviewer or sysadmin allows them to open the access review and review the records assigned to them. To add a user as a reviewer or sysadmin, they must have an account in the Hyperproof organization.

From the access review dashboard, select the Setup tab.
Select one of the applications to be reviewed.
Select the Records tab.
Select one or more checkboxes for user records that you want to assign to a specific Reviewer or Sysadmin.
Click either the Reviewer or the Sysadmin link.
An Edit window displays.
Select the user you want to assign from the drop-down list and click Confirm.

Adding direct managers as reviewers

When you configure an application user list to be reviewed you can select Assign to direct manager as an option. If you select Assign to direct manager, Hyperproof checks each user's email address on the application user list and uses it to look up the users' direct manager in the directory configured for the access review. That manager is assigned as the reviewer.

If the direct manager assigned to review a user is not a Hyperproof user, the direct manager is added as a Contact. When the review is launched, those Contacts are sent invitations to Hyperproof as limited access users. The direct manager must accept the invitation and log in to Hyperproof to review application user records.

See Using direct managers as reviewers for user access for more information.

In this section: