Guide to Permissions
Caitlin Fox avatar
Written by Caitlin Fox
Updated over a week ago

All user functions in SecurityStudio are controlled by the permissions the user is granted. 

Below is a full listing of all possible permissions.

The permissions displayed in your user settings is dependent on what modules your organization has enabled.

Permissions Explained

Each permission is standalone and grants access to very specific functionality.

Administration

  • Company Profile: Add/manage company profile

  • SAML Settings: Manage organization SAML settings

  • Partner Management: Add/manage organization partners

  • Users: Add/manage users

  • Billing: Add/manage billing

  • Business Units: Add/manage business units

  • SMTP Settings: Manage organization SMTP settings

  • Message Center: Manage organization messages

  • Domains: Manage organization domains

S2Partner

  • Full Access: Add/manage all clients. Assign workers to clients

  • Limited Access: Manage assigned clients only

  • Validator: Validate (attest) to assessment results

  • Partner Profile: Manage public partner profile

S2Org

  • Full Access: Complete and update organization assessment(s) and roadmap without limitations

  • Contributor Access: Perform limited, contributory functions to assigned items within the assessment and roadmap

  • Read-Only: View all assessment functions

S2Vendor

Outgoing Requests

  • Supervisor: Add/manage all vendors and make risk decisions (approve impact rating and make final determination)

  • Risk Manager: Add and manage only vendors assigned to them (approve impact rating and make final determination)

  • Vendor List Read-Only: Read-Only access to Vendor List

  • Relationship Owner: Provide classification criteria for assigned vendor(s)

  • Respond to Assessment Request: See and respond to incoming assessment requests from other organizations

  • Settings:

    • Workflows: Adjust/replace workflow(s)

    • Templates: Create assessment templates

    • Custom Fields: Add/manage custom fields in the vendor profile page

  • Workflow Management: Adjust/replace workflow(s)

  • Assessment Designer: Create assessment templates

  • Vendor Custom Fields: Add/manage custom fields in the vendor profile page

Incoming Requests

  • Full Access: See and respond to incoming assessment requests from all organizations

  • Limited Access: See and respond to incoming assessment requests from specific organizations

S2Team

  • Full Access: Give/revoke employee access. View dashboard

  • Read-Only: View employee access and dashboard

Add a User

Configure Permissions (S2Partner)

Configure Permissions (S2Org)

Configure Permissions (S2Vendor)

Configure Permissions (S2Team)

Did this answer your question?