GRC functional and technical roles - Legacy

These roles provide access to Governance, Risk, and Compliance (GRC) and can perform all the activities of the roles they contain.

Functional roles provide general compliance capabilities to users in the system. Grant these roles to auditors, approvers, and users who manage control tests. These roles can be modified to suit an organization's needs.

Technical roles provide specific capabilities to users in the system and when combined create functional roles.

Note: Users with the ITIL role have access to the application and can edit control tests, remediation tasks, and audits.
Figure 1. GRC technical and functional roles