Organizational roles and permissions

Before you add users to your instance of Hyperproof, it's important to understand the organizational and object roles and permissions you can assign to users. These roles are designed to manage access and control at different levels within the platform.

Define access and permissions across the entire organization. They control who can manage overall settings, create or manage compliance programs, and view or list high-level organizational data.

Organizational roles and permissions grant access to broad functionalities and settings that affect the whole organization. For example, administrators can modify organizational settings, manage users, and create programs.

Define access and permissions at a granular level for specific objects. They control who can view, manage, or contribute to individual compliance programs, controls, proofs, or audits.

Object roles and permissions grant access to specific tasks or data within an object. For instance, a manager can configure and oversee an object, while a contributor can add or modify data within that object.

Understanding the interaction between organizational and object roles helps ensure that users have the appropriate access to perform their tasks effectively while maintaining the necessary data security and management control.

When you add users to your instance of Hyperproof, you can invite them to join the organization and choose a specific role.

Within Hyperproof, you will find five organizational roles to choose from:

In the video tutorial below, we walk through the different organizational roles within Hyperproof.

Another option for adding someone to Hyperproof is as a contact. It is important to distinguish between a user and a contact.

In short, users are expected to log in to Hyperproof and use the product, while contacts are not intended to use Hyperproof at all. If you add someone as a user to Hyperproof, they can access the platform, and a role must be assigned to that user. If you add someone as a contact, they won't have access to the platform, but they can be assigned tasks and access those tasks via a browser. This helps relevant stakeholders who may just need to provide proof and do not have to access Hyperproof.

When deciding whether to assign someone as a user or a contact in Hyperproof, consider the following:

Users are active participants in Hyperproof who need full access to the platform. They receive login credentials and can interact with the system based on their assigned roles, such as administrator or compliance manager.

Contacts do not receive login credentials and cannot access the Hyperproof platform directly. Being a contact is useful for stakeholders who need to provide information or proof but do not require access. Contacts can be assigned tasks and will receive notifications via email or browser, allowing them to contribute without logging into Hyperproof.