Contents x
    User Role
    • 1 Minute to read
    • Print
    • PDF
    Contents

    User Role

    • 1 Minute to read
    • Print
    • PDF
    Article summary

    Introduction

    Users Roles restrict/allow users to access data and perform actions on the SAFE application.

    Info

    This document allows users to understand the level of data they can access and perform actions based on the assigned User Roles.

    The following four pre-configured User Roles are available in SAFE:

    • Admin
    • Auditor
    • Viewer

    Admin

    The users with Admin Role have complete access to all system features, functions, and data.

    Auditor

    The users with Auditor Role have complete access to certain features, functions, and data related to assessment, reporting, etc. Still, they do not have access to certain administrative functions such as configuring global policies, custom control policies, assessment and management tools, etc.

    Viewer

    The users with Viewer Role have only view access to system features, functions, and data.

    User Role Access

    Module
    		Sub-Module
    		Admin
    		Auditor
    		Viewer
    DashboardOverall Score/Score TrendViewViewView
    Score ChangeViewViewView
    Technology DistributionViewViewView
    Asset GroupsViewViewView
    Technology Spider GraphViewViewView
    Asset Group Spider GraphViewViewView
    Location wise ScoreViewViewView
    Gap ReportViewViewView
    Actionable InsightViewViewView
    Master Control ListRead-WriteRead-WriteView
    About PageViewViewView
    PolicyViewViewView
    ComplianceViewViewView
    AssessmentPeopleRead-WriteRead-WriteRead Only
    PolicyRead-WriteRead-WriteRead Only
    TechnologyRead-WriteRead-WriteRead Only
    CSPRead-WriteRead-WriteRead Only
    ExternalRead-WriteRead-WriteRead Only
    Compliance
    		Read-WriteRead-WriteRead Only
    ReportsOverall ReportGenerate/ScheduleGenerate/ScheduleGenerate/Schedule
    Technology ReportGenerate/ScheduleGenerate/ScheduleGenerate/Schedule
    Asset ReportGenerate/ScheduleGenerate/ScheduleGenerate/Schedule
    Asset Group ReportGenerate/ScheduleGenerate/Schedule for user’s local group + All global groupGenerate/Schedule for user’s local group + All global group
    Compliance ReportGenerate/ScheduleGenerate/ScheduleGenerate/Schedule
    External ReportGenerate/ScheduleGenerate/ScheduleGenerate/Schedule
    Scheduled ReportRead/WriteRead/Write for his own reportsRead/Write for his own reports
    History ReportRead/WriteRead/Write for his own reportsRead/Write for his own reports
    Miscellaneous ReportGenerate/ScheduleGenerate/ScheduleGenerate/Schedule
    NotificationsAsset Score ChangeRead-WriteRead-WriteRead-Write
    Vertical Score ChangeRead-WriteRead-WriteRead-Write
    Asset Group Score ChangeRead-WriteRead-WriteRead-Write
    Overall Score ChangeRead-WriteRead-WriteRead-Write
    Asset Offboarding - Auto RetireRead-WriteNot VisibleRead-Write
    Asset Offboarding - Auto DeleteRead-WriteNot VisibleRead-Write
    Financial Risk Exposure
    		Read-WriteNot VisibileNot Visibile
    Manage Agent
    		Read-WriteRead-WriteRead Only
    AdministrationUser ManagementRead-WriteRead OnlyRead Only
    Company ManagementRead-WriteRead OnlyRead Only
    Department Management Read-WriteRead OnlyRead Only
    Location Management Read-WriteRead OnlyRead Only
    Company ProfileRead-WriteRead OnlyRead Only
    Asset ManagementRead-WriteRead OnlyRead Only
    Manage AssetsRead-WriteRead OnlyRead Only
    Asset Group ManagementRead-WriteRead-Write for user-created groupsRead-Write for user-created groups
    Custom FieldsRead-WriteRead OnlyRead Only
    Agent Global PolicyRead-WriteNot VisibleNot Visible
    Asset Offboarding Policy[Cycle 7]Read-WriteNot VisibleNot Visible
    Agent & Site managementRead-WriteRead OnlyRead Only
    Governance ManagementRead-WriteRead OnlyRead Only
    SAFE HooksRead-WriteRead-WriteNot Visible
    Assessment ToolsRead-WriteRead-Write
    Note: Auditor has only Read access for AWS Configuration.
    		Not Visible
    Management ToolsRead-WriteNot VisibleNot Visible
    Enrichment ToolsRead-WriteNot VisibleNot Visible
    SettingsRead-WriteRead OnlyRead Only
    Settings > Customizable DashboardRead-WriteRead-WriteRead Only
    Control PoliciesRead-WriteNot VisibleNot Visible
    Was this article helpful?
    What's Next