|GRC Control Test Processor
||Responsible for ensuring that a control test is executed, run, and managed
|GRC Executive Approver
||Responsible for approving any changes to authority documents, citations, and
controls imported from UCF Authority Documents. Users with this role have access to
their list of UCF document requests in the My Approvals module.
|GRC External Auditor
||Responsible for reviewing the control tests and the observations generated from
them. These users have read-only access to all records involved in an audit and are
external to the organization.
|GRC Internal Auditor
||Responsible for reviewing and auditing control test results, and managing
observations for those results. These users have the following access:
- Read-only access to authority documents, citations, controls, risks, and
- Read-only access to audit tables.
- Read-only access to control test instances assigned to an audit.
- Read-only access to observation instances assigned to them. This user can add
a work note.
- Able to create observations.