How do I know what user roles I should assign to my users?
This article will describe the available roles and give a summary of permissions each role is assigned.
One of the major benefits of a system featuring Role-based Access Controls (RBAC) is that it allows fine-grained management of access to the Cyturus application suite.
Roles within the Compliance and Risk Tracker (CRT) and Third Party Risk Management (TPRM) portals differ slightly. Please note differences outlined below in the appropriate areas.
Compliance and Risk Tracker - User Product Security Roles
There are ten Product Security Roles within the application. However, they are split between User Types: Instance and Client.
- User Type: Instance
  - Instance Admin - Full access to all instance configurations and data
  - Client Admin - Data Manager role that manages specific client accounts
  - Instance Manager - Manages consulting organization and data across clients
  - Instance Consultant - Designed for non-FTE consultants; cannot hold Entitlements
  - Instance User - Handles tasks and operational duties without direct data management or ownership roles
- User Type: Client
  - Client Manager - Data management role with permissions to manage their client's details and users; includes 'Owner' entitlements
  - Client Consultant - Data management role limited to 'Manager' entitlements; cannot hold 'Owner' entitlements
  - Client User - Contributor role for client-specific data access; allows 'Owner' but not 'Manager' entitlements
- Both User Types
  - Guest - Provides limited, view-only access to data
  - Auditor - Restricted access for auditing purposes
Third Party Risk Management - User Roles
There are only two roles within the TPRM portal that can be assigned to users:
- Vendor Admin - This user can log in as a vendor, view and submit the assessment, and manage their own users.
- Vendor User - This user can log in as a vendor, and view and submit the assessment.
Self Assessment - User Roles
Similar to the Third Party Risk Management portal, there are only two roles that can be assigned to users:
- SA Admin - This user can log in as a user, create or view an assessment, submit assessments, and manage their own users.
- SA User - This user can log in as a user, view the assessment, and submit assessments.