Purpose: Establish proper access controls and ensure appropriate team members can contribute to your cybersecurity program development.

User Roles and Permissions:

Admin:

• Full platform access and administrative rights
• User management and role assignment
• System configuration and integration setup
• Complete access to all modules and data
• Export capabilities and reporting permissions

User:

• Standard platform access for daily operations
• Can create, edit, and manage security program content
• Access to assessments, risk register, and task management
• Can view and generate reports
• Limited administrative functions

Guest:

• Limited Read-only access to platform content
• Can view dashboards, reports, and assessments
• Cannot create, edit, or delete information
• Suitable for stakeholders who need visibility without editing rights

Note: Enhanced role-based access control (RBAC) with granular permissions is planned for future release.

Invited User Setup Process:

1. Navigate to Settings > User Management from the main menu
2. Add a New User and provide the required information
3. Send an automated invitation email with onboarding instructions
4. Monitor user activation and initial login status

Best Practices:

• Start with core team members and expand gradually
• Align platform roles with existing organizational responsibilities
• Provide role-specific onboarding guidance
• Regular review and update of user access permissions