Smart Custom Roles

  • 1 minute(s) read
Prev Next

Introduction - Smart Custom Role

Note

Smart Custom Roles are designed for Groups and Third-Party entities.

Smart Custom Roles provide granular, action-level permissions, enabling fine control over what users can do within specific modules.

  • Define permissions at action level (e.g., Create Org, Add Questionnaire, Edit Third Party, Update Group, Create Risk Scenarios, and more)

  • Restrict access specifically to the Group or Third-Party based on the configuration

  • Enable the least privilege access model

  • Automatically adapts based on selected actions

Feature

Description

Permission Model

Action-level (Create, Edit, Delete, Submit, etc.)

Scope Control

Primarily Organization-level (Third-Party focused) and Group-level

Flexibility

Dynamic and granular

Use Case

Group Management, Risk Treatment Plans, TPRM workflows, vendor access control, and least-privilege enforcement

Creating a Smart Custom Role

Follow these steps to create a Smart Custom Role in SAFE:

  1. Navigate to Settings > Role Management.

  2. Click on the Add Role button.

  3. Select the Smart option.

  4. Enter a name and description for the Role.

  5. Click the Add Permission button.

  6. Select the Entity as Group or Third-party based on the requirement.

  7. Expand the permissions section and add the actions by selecting the checkboxes.

  8. Use the filter option to include groups or third parties based on the entity selection.

    1. Groups: Allows you to filter by Group Name and Group Tags

    2. Third-party: Allows you to filter by Primary Business Unit and Tags

  9. Click the Save button. The system will create the Smart Custom Role, making it accessible within the role selection when inviting a user to SAFE.

Editing or Deleting Custom Roles

In the SAFE application, you can edit or delete custom roles as your organizational needs evolve.

Editing a Custom Role

  1. Navigate to Settings > Role Management.

  2. Click on the three-dot options menu for the custom role you wish to edit.

  3. From the menu, select the Edit option.

  4. Modify the role name or adjust read/write permissions for the associated groups as needed.

  5. Click the Save button.

Deleting a Custom Role

Notes

Before deletion, make sure that the user role is not currently assigned to any user.

  1. Navigate to Settings > Role Management.

  2. Click on the three-dot options menu for the custom role you wish to delete.

  3. From the menu, select the Delete option.

  4. Click the Delete button on the confirmation screen.