All user functions in S2Vendor are controlled by the permissions the user is granted. Each permission is standalone and grants access to very specific functionality.

Permissions By Role

Permissions can be stacked in custom combinations but within S2Vendor they tend to fall into 4 categories as defined by the user's role.

Administrator

Administers the S2Vendor program usually in addition to playing the role of Risk Manager. Defined by the ability to adjust system settings and configurations. 

The following permissions are typical of the administrator role.

Risk Manager

Adds/manages vendors in S2Vendor. Responsible for making risk decisions such as approving impact ratings and making the final determination for each vendor.

The following permissions are typical of the risk manager role.

Relationship Owner

Provides classification criteria for assigned vendor(s). Has an extremely limited view into S2Vendor. 

The following permissions are typical of the relationship owner role.

Vendor Contact

Gives visibility into incoming assessment requests from other organizations even if not explicitly listed by this organization. Able to respond to assessment requests and invite other team members to help.

The following permissions are typical of the vendor contact role.

Full Access is usually set by the vendor organization when they create a Response Team for ALL incoming assessment requests.

Related Articles

Guide to Permissions
Configure Permissions (S2Partner)

Configure Permissions (S2Org)

Configure Permissions (S2Team)

Did this answer your question?