Skip to content
  • There are no suggestions because the search field is empty.

How do I know what entitlements I should assign to my users?

This article will briefly describe the available entitlement groups and give a summary of permissions each provide.

 

One of the major benefits of a system featuring Role-based Access Controls (RBAC) is that it allows fine-grained access management to the Cyturus application suite.

There are a number of finely-tuned entitlements that come pre-loaded in the application, but administrators have the ability to create/manage their own custom entitlements as necessary for their business cases.

Please note that entitlement availability for a user is based on their Product Security Role and they only apply to the client under which they were assigned. You can read more about PSRs here.

Compliance and Risk Tracker - Entitlements

There are five main entitlement types within the application. Some of the types cover multiple different areas/modules of the product whereas others are specific to a single area/module:

  • <Module> Manager - Allows the user full (R/W/A/D) access to that particular modules configuration, data, etc. based upon the clients they have access to. 
  • <Module> Owner - Allows the user R/W/A access to areas within that particular module, but doesn't allow them access to delete items or to the setup/configuration of that module.
  • <Module> Contributor - Allows the user R/W access to areas within that particular module, but doesn't allow them to add/delete items or perform any setup of the module.
  • <Module> Viewer - Allows the user read-only access to the data in that module with the potential of some write access where allowed. (For instance, if someone with this role wanted to get notified on something - they could add their email to get notifications.) This level of user is strictly someone who would be an observer to the information.
  • <Module> Auditor - Provides read-only access similar to the Viewer entitlement, with limited write permissions where allowed. Additionally, Auditors can perform compliance-related actions such as adding notes and validating evidence. This role is suited for users responsible for reviewing and verifying data.

Specialty Entitlements

There are additional specialty entitlements for some of our modules as well that generally don't provide additional access to the application (unless noted), but are given so as to allow that individual to populate in some field dropdowns such as:

  • Policy Approver - Enables the user to be designated as a Policy Approver in the Policy Manager module
  • Sales Representative - Enables the user to be designated as a Sales Representative in dropdowns within the Client Management area. This designation supports reporting, sorting, and filtering of data.
  • Sales Manager - Enables the user to be designated as a Sales Manager in the Client Management area. This designation supports reporting, sorting, and filtering of data.
  • License Manager - Enables the user to manage Client Licensing within a client's contract.
  • User Manager - Enables the user to manage user accounts and access permissions for a specific client
  • Client Manager - Enables the user to manage details for a specific client.