These roles provide access to Governance, Risk, and Compliance (GRC) and can perform all
the activities of the roles they contain.
Functional roles provide general compliance capabilities to users in the system. Grant these
roles to auditors, approvers, and users who manage control tests. These roles can be modified to
suit an organization's needs.
Technical roles provide specific capabilities to users in the system and when combined create
Note: Users with the ITIL role have access to the application and can edit control tests,
remediation tasks, and audits.