All user functions in S2Org are controlled by the permissions the user is granted. Each permission is standalone and grants access to very specific functionality.


Within S2Org, there are 3 permissions available. Users can also be assigned general administration permissions.


Administers the organization's SecurityStudio account. Responsible for billing, user management, partner management, and configuring other non-essential settings.

Full Access

Completes the organization's assessment and builds roadmap for making improvements over time. Responsible for tracking updates to the organization's risk posture.

Contributor Access

Contributes notes or attachments to assigned items in the assessment or roadmap. Can also indicate if a response or status should be changed; however, this change will need to be approved by a Full Access user. Read more here.


Has full visibility into the assessment and roadmap but cannot affect change. Typically given for access to previous assessment work.

Related Articles
Guide to Permissions

Configure Permissions (S2Partner)

Configure Permissions (S2Vendor)

Configure Permissions (S2Team)

Did this answer your question?