Roles installed with Audit Management

GRC: Audit Management adds the following roles.

Role title [name] Description Contains roles
Audit User

[sn_audit.user]

In addition to the inherited permissions, the audit user can be assigned audit tasks and create test templates and test plans. The audit user has read-only access to the Risk Management application and modules and the Policy and Compliance Management application and modules.
  • sn_grc.reader
  • sn_grc.user
Audit Manager

[sn_audit.manager]

In addition to the inherited permissions, the audit manager can create authority documents, citations, policies, policy statements, and controls.
  • sn_grc.reader
  • sn_grc.user
  • sn_grc.manager
  • sn_audit.user
Audit Admin

[sn_audit.admin]

In addition to the inherited permissions, the audit admin can delete engagements, audit tasks, test templates, and test plans.
  • sn_grc.reader
  • sn_grc.user
  • sn_grc.manager
  • sn_grc.admin
  • sn_audit.user
  • sn_audit.manager
Audit Developer

[sn_audit.developer]

In addition to the inherited permissions, the audit developer can add and delete audit report templates.
  • sn_grc.reader
  • sn_grc.user
  • sn_grc.manager
  • sn_grc.admin
  • sn_audit.user
  • sn_audit.manager
  • sn_audit.admin
External Auditor

[sn_audit.external_auditor]

External auditors can be assigned as auditors for an engagement and can be assigned to audit tasks. They can view closed engagements, audit tasks that are assigned to them, and closed audit tasks. If the Policy and Compliance Management plugin or Risk Management plugins are installed, they can also view published policies and controls and risks in the Monitor state.