Limited access user - Viewer permissions
A limited access user can only see objects they have been added to by another user or objects where they have inherited access. This user can create work items and add proof. For example, limited access users do not see comprehensive lists of programs or controls, they have more concise lists consisting of the programs or controls where they are members. The Overview dashboard page is never visible to limited access users.
Action | Yes | No |
|---|---|---|
Open an access review (if tile is visible) | X | |
Edit access review details:
| X | |
Create, view, and delete applications (if visible) | X | |
Import records | X | |
Generate access review proof | X | |
Archive and unarchive an access review | X | |
Create an access review | X | |
Join an access review facepile | X | |
Edit 'Maintain access' and 'Access notes' | X | |
Edit 'Access updated' and 'Admin notes' | X |
Action | Yes | No |
|---|---|---|
Create an assessment | X | |
Edit the details of an assessment they're a member of | X | |
Import evaluations into an assessment they're a member of | X | |
Add members to an assessment they're a member of | X | |
Export proof from an assessment they're a member of | X | |
Export an assessment they're a member of | X | |
Comment on the assessment's Activity Feed | X | |
View the assessment's Activity Feed | X | |
Archive and unarchive an assessment they're a member of | X |
Action | Yes | No |
|---|---|---|
Edit an audit they've created or are a member of | X | |
Add members to an audit they're a member of | X | |
Comment on the audit's Activity Feed | X | |
View the Activity Feed of an audit they're a member of | X | |
Archive and unarchive an audit they're a member of | X | |
Export proof from an audit they're a member of | X | |
Export an audit they're a member of | X | |
Create an audit | X |
Action | Yes | No |
|---|---|---|
Create a control | X | |
Edit a control they're a member of, including control health | X | |
Turn on and edit freshness on a control they're a member of | X | |
Link and unlink requirements, proof, labels, tasks, and risks to or from a control they're a member of | X | |
Add members to a control they're a member of | X | |
Comment on a control's Activity Feed | X | |
View a control's Activity Feed | X | |
Create and maintain a Hypersync or repeating task on a control they're a member of | X | |
Add notes to a control they're a member of | X | |
Add a scope assignment to a control they're a member of | X | |
Import and export a control they're a member of | X | |
Archive and unarchive a control they're a member of | X | |
View program-level controls they're not a member of | X | |
Use the crosswalk view | X | |
View controls in programs they're not a member of | X | |
Import scopes or scope assignments | X |
Action | Yes | No |
|---|---|---|
Create an evaluation | X | |
Import evaluations into an assessment they're a member of | X | |
Add members to an evaluation they're a member of | X | |
Export an evaluation they're a member of | X | |
Archive and unarchive an evaluation they're a member of | X | |
Link proof and affected objects to an evaluation they're a member of | X | |
Unlink proof and affected objects from an evaluation they've created | X | |
Link and unlink a task to or from an evaluation they're a member of | X | |
Comment on the evaluation's Activity Feed | X | |
View the evaluation's Activity Feed | X | |
Change the status of an evaluation they're a member of | X |
Action | Yes | No |
|---|---|---|
Create an issue | X | |
Edit an issue they're a member of | X | |
Add members to issues they're a member of | X | |
Archive and unarchive an issue they're a member of | X | |
Export an issue they're a member of | X | |
Comment on the issue's Activity Feed | X | |
View the issue's Activity Feed | X | |
Link and unlink proof to or from an issue they're a member of | X | |
Link and unlink affected objects to or from an issue they're a member of | X | |
Customize the health of an issue they're a member of | X | |
Change the status of an issue they're a member of | X |
Action | Yes | No |
|---|---|---|
Turn on program health | X | |
Edit program details | X | |
Add members to a program they're a member of | X | |
Comment on the program's Activity Feed | X | |
View the program's Activity Feed | X | |
Link and unlink controls and proof to or from requirements | X | |
Add related requirements | X | |
Export a program | X | |
Export proof from a program | X | |
Archive and unarchive a program | X | |
Export requirements | X | |
Export a SSP report | X | |
Create a new program or a custom program | X | |
Create and manage custom fields | X | |
Customize program health and tooltips | X | |
Import and manage scopes | X | |
Jumpstart a new program | X | |
Delete proof from a requirement | X |
Action | Yes | No |
|---|---|---|
Add proof at the organizational level | X | |
Download proof they've uploaded | X | |
Download proof linked to a control that they're a member of | X | |
View proof they've uploaded or via inherited access from a linked object | X | |
Create a new label | X | |
Import and export a label they're a member of | X | |
Edit a label they're a member of, including label details | X | |
Link and unlink controls, proof, and tasks to and from a label they're a member of | X | |
Create and maintain a Hypersync or repeating task on a label they're a member of | X | |
Manage freshness on a label they're a member of | X | |
Add members to a label they're a member of | X | |
Comment on the label's Activity Feed | X | |
View a label's Activity Feed | X | |
Archive and unarchive a label they're a member of | X | |
View labels they're not a member of | X |
Action | Yes | No |
|---|---|---|
Create a questionnaire | X | |
Import and export a questionnaire | X | |
View a questionnaire | X | |
Edit a questionnaire | X | |
Send and cancel a questionnaire | X | |
Send a questionnaire to multiple vendors | X | |
Link and unlink labels to or from a questionnaire | X | |
Archive and unarchive a questionnaire | X | |
Comment on a questionnaire's Activity Feed | X | |
View a questionnaire's Activity Feed | X |
Action | Yes | No |
|---|---|---|
Create a request | X | |
Edit a request they're a member of | X | |
Add members to a request they're a member of | X | |
Import and export a request they're a member of | X | |
Link and unlink proof to or from a request they're a member of | X | |
Link and unlink affected objects to or from a request they're a member of | X | |
Link and unlink a task to or from a request they're a member of | X | |
Change the status of a request they're a member of | X | |
Archive and unarchive a request they're a member of | X | |
Comment on a request's Activity Feed | X | |
View a request's Activity Feed | X |
Action | Yes | No |
|---|---|---|
Create a risk | X | |
View Risk Registers they're a member of | X | |
Export risks | X | |
Import risks | X | |
Add members to a Risk Register they're a member of | X | |
Edit a risk they're a member of | X | |
Edit a risk they're not a member of | X | |
Comment on the Risk Register's Activity Feed | X | |
View the Risk Register's Activity Feed | X | |
Comment on a risk's Activity Feed | X | |
View a risk's Activity Feed | X | |
Edit the health of a risk they're a member of | X | |
Edit the owner of a risk they're a member of | X | |
Link and unlink controls, proof, labels, and tasks to or from a risk they're a member of | X | |
Create notes on a risk they're a member of | X | |
Archive and unarchive a risk | X | |
Upgrade to advanced mitigation | X | |
Customize the Risk Register | X | |
Create a new Risk Register | X |
Action | Yes | No |
|---|---|---|
Create a task from the Work items tab | X | |
Duplicate a task they've created | X | |
Import a task or a repeating task | X | |
Export a task | X | |
Link and unlink proof to or from a task they've created | X | |
Add members to a task they've created | X | |
Edit a task or repeating task they've created, including the assignee | X | |
Delete a task or repeating task they've created | X | |
Change the target of a task or repeating task they've created | X | |
Change the status of a task or repeating task they've created | X | |
Comment on a task or repeating task's Activity Feed (that they've created) | X | |
Delete a task or repeating task they didn't create | X | |
Delete proof from a task or repeating task | X | |
Edit a task they didn't create | X | |
Edit a repeating task they didn't create | X |
Action | Yes | No |
|---|---|---|
Add a new vendor | X | |
Add a vendor contact | X | |
Add members to the Vendor Register | X | |
Add and edit a vendor owner | X | |
Import vendors | X | |
Export vendors | X | |
Edit vendor information | X | |
Link and unlink a task to or from a vendor | X | |
Archive/unarchive a vendor | X | |
Edit the vendor category | X | |
Edit the vendor status | X | |
Edit contract dates | X | |
Edit vendor tolerance and risk | X | |
Comment on a vendor's Activity Feed | X | |
View a vendor's Activity Feed | X |