These roles provide access to Governance, Risk, and Compliance (GRC) and can perform all
the activities of the roles they contain.
GRC provides four functional roles that describe general compliance
responsibilities in the system. This is a best practice approach to granting auditors, approvers,
and users who manage control tests the technical roles they need to perform their jobs. These
roles can be modified to suit an organization's needs.
roles grant specific capabilities to users in the system and are
combined to create the functional roles.
Note: Users with the ITIL role have access to the
application and can edit control tests, remediation tasks, and audits.