User Role
  • 1 Minute to read
  • PDF

User Role

  • PDF


Users Roles restrict/allow users to access data and perform actions on the SAFE application.


This document allows users to understand the level of data they can access and perform actions based on the assigned User Roles.

The following four pre-configured User Roles are available in SAFE:

  • Admin
  • Auditor
  • Viewer
  • Limited User


The users with Admin Role have complete access to all system features, functions, and data.


The users with Auditor Role have complete access to certain features, functions, and data related to assessment, reporting, etc. Still, they do not have access to certain administrative functions such as configuring global policies, custom control policies, assessment and management tools, etc.


The users with Viewer Role have only view access to system features, functions, and data.

Limited User

The users with Limited User Role have complete access to all features, functions, and data w.r.t to assets that the user owns.

User Role Access

Limited User
DashboardOverall Score/Score TrendViewViewViewNot Visible
Score ChangeViewViewViewNot Visible
Technology DistributionViewViewViewView for only assets assigned to the user
Asset GroupsViewViewViewView(only for self-created groups)
Technology Spider GraphViewViewViewNot Visible
Asset Group Spider GraphViewViewViewNot Visible
Location wise ScoreViewViewViewNot Visible
Gap ReportViewViewViewNot Visible
Actionable InsightViewViewViewView(only for assets/asset groups assigned to him)
Master Control ListRead-WriteRead-WriteViewView for Assets assigned to the user
About PageViewViewViewView
PolicyViewViewViewNot Visible
ComplianceViewViewViewNot Visible
AssessmentPeopleRead-WriteRead-WriteRead OnlyNot Visible
PolicyRead-WriteRead-WriteRead OnlyNot Visible
TechnologyRead-WriteRead-WriteRead OnlyRead-Write for user’s assets.
CSPRead-WriteRead-WriteRead OnlyNot Visible
ExternalRead-WriteRead-WriteRead OnlyNot Visible
Read-WriteRead-WriteRead OnlyNot Visible
ReportsOverall ReportGenerate/ScheduleGenerate/ScheduleGenerate/ScheduleNot Visible
Technology ReportGenerate/ScheduleGenerate/ScheduleGenerate/ScheduleNot Visible
Asset ReportGenerate/ScheduleGenerate/ScheduleGenerate/ScheduleGenerate/Schedule for assets assigned to the user
Asset Group ReportGenerate/ScheduleGenerate/Schedule for user’s local group + All global groupGenerate/Schedule for user’s local group + All global groupGenerate/Schedule for user’s groups
Compliance ReportGenerate/ScheduleGenerate/ScheduleGenerate/ScheduleNot Visible
External ReportGenerate/ScheduleGenerate/ScheduleGenerate/ScheduleNot Visible
Scheduled ReportRead/WriteRead/Write for his own reportsRead/Write for his own reportsRead/Write for his own reports
History ReportRead/WriteRead/Write for his own reportsRead/Write for his own reportsRead/Write for his own reports
Miscellaneous ReportGenerate/ScheduleGenerate/ScheduleGenerate/ScheduleNot Visibile
NotificationsAsset Score ChangeRead-WriteRead-WriteRead-WriteRead-Write
Vertical Score ChangeRead-WriteRead-WriteRead-WriteNot Visible
Asset Group Score ChangeRead-WriteRead-WriteRead-WriteRead-Write
Overall Score ChangeRead-WriteRead-WriteRead-WriteNot Visible
Asset Offboarding - Auto RetireRead-WriteNot VisibleRead-WriteNot Visible
Asset Offboarding - Auto DeleteRead-WriteNot VisibleRead-WriteNot Visible
Financial Risk Exposure
Read-WriteNot VisibileNot VisibileNot Visibile
Manage Agent
Read-WriteRead-WriteRead OnlyRead- Write for user’s assets
AdministrationUser ManagementRead-WriteRead OnlyRead OnlyNot Visible
Company ManagementRead-WriteRead OnlyRead OnlyNot Visible
Department Management Read-WriteRead OnlyRead OnlyNot Visible
Location Management Read-WriteRead OnlyRead OnlyNot Visible
Company ProfileRead-WriteRead OnlyRead OnlyNot Visible
Asset ManagementRead-WriteRead OnlyRead OnlyVisible(only his assets)
Manage AssetsRead-WriteRead OnlyRead OnlyNot Visible
Asset Group ManagementRead-WriteRead-Write for user-created groupsRead-Write for user-created groupsRead-Write(for his own assets)
Custom FieldsRead-WriteRead OnlyRead OnlyNot Visible
Agent Global PolicyRead-WriteNot VisibleNot VisibleNot Visible
Asset Offboarding Policy[Cycle 7]Read-WriteNot VisibleNot VisibleNot Visible
Agent & Site managementRead-WriteRead OnlyRead OnlyRead Only
Governance ManagementRead-WriteRead OnlyRead OnlyNot Visible
SAFE HooksRead-WriteRead-WriteNot VisibleNot Visible
Assessment ToolsRead-WriteRead-Write
Note: Auditor has only Read access for AWS Configuration.
Not VisibleNot Visible
Management ToolsRead-WriteNot VisibleNot VisibleNot Visible
Enrichment ToolsRead-WriteNot VisibleNot VisibleNot Visible
SettingsRead-WriteRead OnlyRead OnlyVisible
Settings > Customizable DashboardRead-WriteRead-WriteRead OnlyRead-Write
Control PoliciesRead-WriteNot VisibleNot VisibleNot Visible

Was this article helpful?

What's Next