Limited access user - Viewer permissions
A limited access user can only see objects they have been added to by another user or objects where they have inherited access. This user can create work items and add proof. For example, limited access users do not see comprehensive lists of programs or controls, they have more concise lists consisting of the programs or controls where they are members. The Overview dashboard page is never visible to limited access users.
Action | Yes | No |
|---|---|---|
Turn on program health | X | |
Edit program details | X | |
Add members to a program they're a member of | X | |
Comment on the program's Activity Feed | X | |
View the program's Activity Feed | X | |
Link/unlink controls and proof to/from requirements | X | |
Add related requirements | X | |
Export a program | X | |
Export proof from a program | X | |
Archive/unarchive a program | X | |
Export requirements | X | |
Export a SSP report | X | |
Create a new program or a custom program | X | |
Create/manage custom fields | X | |
Customize program health and tooltips | X | |
Import/manage scopes | X | |
Jumpstart a new program | X | |
Delete proof from a requirement | X |
Action | Yes | No |
|---|---|---|
Create a control | X | |
Edit a control they're a member of, including control health | X | |
Turn on/edit freshness on a control they're a member of | X | |
Link/unlink requirements, proof, labels, tasks, and risks to/from a control they're a member of | X | |
Add members to a control they're a member of | X | |
Comment on a control's Activity Feed | X | |
View a control's Activity Feed | X | |
Create/maintain a Hypersync or repeating task on a control they're a member of | X | |
Add notes to a control they're a member of | X | |
Add a scope assignment to a control they're a member of | X | |
Import/export a control they're a member of | X | |
Archive/unarchive a control they're a member of | X | |
View program-level controls they're not a member of | X | |
Use the crosswalk view | X | |
View controls in programs they're not a member of | X | |
Import scopes or scope assignments | X |
Action | Yes | No |
|---|---|---|
Add proof at the organizational level | X | |
Download proof they've uploaded | X | |
Download proof linked to a control that they're a member of | X | |
View proof they've uploaded or via inherited access from a linked object | X | |
Create a new label | X | |
Import/export a label they're a member of | X | |
Edit a label they're a member of, including label details | X | |
Link/unlink controls, proof, and tasks to/from a label they're a member of | X | |
Create/maintain a Hypersync or repeating task on a label they're a member of | X | |
Manage freshness on a label they're a member of | X | |
Add members to a label they're a member of | X | |
Comment on the label's Activity Feed | X | |
View a label's Activity Feed | X | |
Archive/unarchive a label they're a member of | X | |
View labels they're not a member of | X |
Action | Yes | No |
|---|---|---|
Create an assessment | X | |
Edit the details of an assessment they're a member of | X | |
Import evaluations into an assessment they're a member of | X | |
Add members to an assessment they're a member of | X | |
Export proof from an assessment they're a member of | X | |
Export an assessment they're a member of | X | |
Comment on the assessment's Activity Feed | X | |
View the assessment's Activity Feed | X | |
Archive/unarchive an assessment they're a member of | X |
Action | Yes | No |
|---|---|---|
Create an evaluation | X | |
Import evaluations into an assessment they're a member of | X | |
Add members to an evaluation they're a member of | X | |
Export an evaluation they're a member of | X | |
Archive/unarchive an evaluation they're a member of | X | |
Link proof and affected objects to an evaluation they're a member of | X | |
Unlink proof and affected objects from an evaluation they've created | X | |
Link/unlink a task to/from an evaluation they're a member of | X | |
Comment on the evaluation's Activity Feed | X | |
View the evaluation's Activity Feed | X | |
Change the status of an evaluation they're a member of | X |
Action | Yes | No |
|---|---|---|
Create an issue | X | |
Edit an issue they're a member of | X | |
Add members to issues they're a member of | X | |
Archive/unarchive an issue they're a member of | X | |
Export an issue they're a member of | X | |
Comment on the issue's Activity Feed | X | |
View the issue's Activity Feed | X | |
Link/unlink proof to/from an issue they're a member of | X | |
Link/unlink affected objects to/from an issue they're a member of | X | |
Customize the health of an issue they're a member of | X | |
Change the status of an issue they're a member of | X |
Action | Yes | No |
|---|---|---|
Open an access review (if tile is visible) | X | |
Edit access review details:
| X | |
Create, view, and delete applications (if visible) | X | |
Import records | X | |
Generate access review proof | X | |
Archive/unarchive an access review | X | |
Create an access review | X | |
Join an access review facepile | X | |
Edit 'Maintain access' / 'Access notes' | X | |
Edit 'Access updated' / 'Admin notes' | X |
Action | Yes | No |
|---|---|---|
Edit an audit they've created or are a member of | X | |
Add members to an audit they're a member of | X | |
Comment on the audit's Activity Feed | X | |
View the Activity Feed of an audit they're a member of | X | |
Archive/unarchive an audit they're a member of | X | |
Export proof from an audit they're a member of | X | |
Export an audit they're a member of | X | |
Create an audit | X |
Action | Yes | No |
|---|---|---|
Create a request | X | |
Edit a request they're a member of | X | |
Add members to a request they're a member of | X | |
Import/export a request they're a member of | X | |
Link/unlink proof to/from a request they're a member of | X | |
Link/unlink affected objects to/from a request they're a member of | X | |
Link/unlink a task to/from a request they're a member of | X | |
Change the status of a request they're a member of | X | |
Archive/unarchive a request they're a member of | X | |
Comment on a request's Activity Feed | X | |
View a request's Activity Feed | X |
Action | Yes | No |
|---|---|---|
Add a new vendor | X | |
Add a vendor contact | X | |
Add members to the Vendor Register | X | |
Add/edit a vendor owner | X | |
Import vendors | X | |
Export vendors | X | |
Edit vendor information | X | |
Link/unlink a task to/from a vendor | X | |
Archive/unarchive a vendor | X | |
Edit the vendor category | X | |
Edit the vendor status | X | |
Edit contract dates | X | |
Edit vendor tolerance and risk | X | |
Comment on a vendor's Activity Feed | X | |
View a vendor's Activity Feed | X |
Action | Yes | No |
|---|---|---|
Create a questionnaire | X | |
Import/export a questionnaire | X | |
View a questionnaire | X | |
Edit a questionnaire | X | |
Send/cancel a questionnaire | X | |
Send a questionnaire to multiple vendors | X | |
Link/unlink labels to/from a questionnaire | X | |
Archive/unarchive a questionnaire | X | |
Comment on a questionnaire's Activity Feed | X | |
View a questionnaire's Activity Feed | X |
Action | Yes | No |
|---|---|---|
Create a task from the Work items tab | X | |
Duplicate a task they've created | X | |
Import a task or a repeating task | X | |
Export a task | X | |
Link/unlink proof to/from a task they've created | X | |
Add members to a task they've created | X | |
Edit a task or repeating task they've created, including the assignee | X | |
Delete a task or repeating task they've created | X | |
Change the target of a task or repeating task they've created | X | |
Change the status of a task or repeating task they've created | X | |
Comment on a task or repeating task's Activity Feed (that they've created) | X | |
Delete a task or repeating task they didn't create | X | |
Delete proof from a task or repeating task | X | |
Edit a task they didn't create | X | |
Edit a repeating task they didn't create | X |
Action | Yes | No |
|---|---|---|
Create a risk | X | |
View Risk Registers they're a member of | X | |
Export risks | X | |
Import risks | X | |
Add members to a Risk Register they're a member of | X | |
Edit a risk they're a member of | X | |
Edit a risk they're not a member of | X | |
Comment on the Risk Register's Activity Feed | X | |
View the Risk Register's Activity Feed | X | |
Comment on a risk's Activity Feed | X | |
View a risk's Activity Feed | X | |
Edit the health of a risk they're a member of | X | |
Edit the owner of a risk they're a member of | X | |
Link/unlink controls, proof, labels, and tasks to/from a risk they're a member of | X | |
Create notes on a risk they're a member of | X | |
Archive/unarchive a risk | X | |
Upgrade to advanced mitigation | X | |
Customize the Risk Register | X | |
Create a new Risk Register | X |