Here are the roles and their corresponding permission descriptions:
Asset Owner
Is involved in adding their information about assets to the system. Collaborates in the process to identify, assess, and strategically address only the relevant threats and vulnerabilities applicable to their specific types of assets.
Auditor
Utilizes Securea's capabilities for audits and reporting. Benefits from Securea's comprehensive compliance features that aim to ensure teams are always audit-ready. Accesses audit-ready documentation and reporting within the platform to verify compliance and security postures.
BCP Manager
Manages Business Continuity Management (BCM) within Securea. Leverages Securea to assess relevant impacts and disaster scenarios. Is responsible for implementing efficient strategies to minimize downtime and ensure critical business functions and processes can recover and continue in case of major disruptions.
Compliance Manager
Is the primary user for simplified and effective compliance management within Securea. Ensures adherence to all applicable regulations, norms, standards, and laws. Streamlines compliance program management and stays in sync with changes to obligations and regulations. Utilizes Securea's features to stay on top of evolving regulations, from fulfilling obligations and policy creation to audits and reporting.
Control Owner
Is responsible for the application of relevant controls to minimize negative impacts and ensure cost efficiency. Contributes to targeted risk mitigation strategies by helping to prioritize only the applicable controls based on identified threats. Participates in the initial mapping of relevant threats and controls during the first steps with Securea.
Guest
Guest role have limited, read-only access to specific, non-sensitive information, such as public dashboards or general reports, without the ability to modify data.
Partner
Partner is an external entity granted specific, predefined access to particular GRC data or reporting that is relevant to a collaborative effort or shared responsibility.
Remediation Activity Owner
Is responsible for managing activities that address identified potential risks, compliance, or governance gaps. Works to implement measures to mitigate emerging risks that are identified through Securea's monitoring tools and alerts.
Risk Manager
Oversees the entire risk management process within Securea. Utilizes Securea to identify, assess, and strategically address threats and vulnerabilities. Drives targeted risk management strategies and makes data-informed decisions based on Securea's comprehensive reports and dashboards. Aims to strengthen the company’s operational resilience by gaining real-time insights into the risk landscape.
Risk Owner
Is accountable for specific risks within their domain and collaborates on targeted risk management strategies. Reviews and comprehends the calculation of every risk per asset within Securea related to their area of responsibility. Contributes to prioritizing applicable controls and understanding the security status concerning the risks they own.
Tenant Master
The Tenant Master is the highest-level administrator for an organization's instance of Securea. This role encompasses full administrative control over user management settings, integrations, and overall data management within their organization's environment.