Roles installed with Audit Management GRC: Audit Management adds the following roles. Role title [name] Description Contains roles Audit User[sn_audit.user] In addition to the inherited permissions, the audit user can be assigned audit tasks and create test templates and test plans. The audit user has read-only access to the Risk Management application and modules and the Policy and Compliance Management application and modules. sn_grc.reader sn_grc.user Audit Manager[sn_audit.manager] In addition to the inherited permissions, the audit manager can create authority documents, citations, policies, policy statements, and controls. sn_grc.reader sn_grc.user sn_grc.manager sn_audit.user Audit Admin[sn_audit.admin] In addition to the inherited permissions, the audit admin can delete engagements, audit tasks, test templates, and test plans. sn_grc.reader sn_grc.user sn_grc.manager sn_grc.admin sn_audit.user sn_audit.manager Audit Developer[sn_audit.developer] In addition to the inherited permissions, the audit developer can add and delete audit report templates. sn_grc.reader sn_grc.user sn_grc.manager sn_grc.admin sn_audit.user sn_audit.manager sn_audit.admin External Auditor[sn_audit.external_auditor] External auditors can be assigned as auditors for an engagement and can be assigned to audit tasks. They can view closed engagements, audit tasks that are assigned to them, and closed audit tasks. If the Policy and Compliance Management plugin or Risk Management plugins are installed, they can also view published policies and controls and risks in the Monitor state.