Roles installed with Risk Management

GRC: Risk Management adds the following roles.

Role title [name] Description Contains roles
Risk Admin [sn_risk.admin]

Contains the reader, user, manager, and admin roles in the sn_grc scope, and the reader, user, and manager roles in the Risk Management application. In addition to the inherited permissions, the risk admin can delete risk frameworks, risk statements, and risks, and modify admin properties and risk criteria.
  • sn_grc.reader
  • sn_grc.user
  • sn_grc.manager
  • sn_grc.admin
  • sn_risk.reader
  • sn_risk.user
  • sn_risk.manager
  • Inherits the following roles if the GRC: Policy and Compliance Management plugin is activated.
    • grc_audit_reader
    • task_editor
    • certification_admin
    • grc_test_definition_admin
    • grc_control_test_reader
    • assessment_admin
    • certification
    • grc_compliance_reader
    • certification_filter_admin
    • grc_admin
    • grc_user
Risk Assessment Creator [sn_risk.asmt_creator]

  • sn_grc.reader
  • sn_grc.user
  • sn_grc.manager
  • sn_risk.reader
  • sn_risk.user
  • Inherits the following roles if the GRC: Policy and Compliance Management plugin is activated.
    • grc_audit_reader
    • task_editor
    • certification_admin
    • grc_test_definition_admin
    • grc_control_test_reader
    • assessment_admin
    • certification
    • grc_compliance_reader
    • certification_filter_admin
    • grc_user
Risk Manager [sn_risk.manager]

Contains the reader, user, and manager roles in the sn_grc scope, and the reader and user roles in the Risk Management application. In addition to the inherited permissions, the risk manager can create risk frameworks, risk statements, and risks.
  • sn_grc.reader
  • sn_grc.user
  • sn_grc.manager
  • sn_risk.reader
  • sn_risk.user
  • Inherits the following roles if the GRC: Policy and Compliance Management plugin is activated.
    • grc_audit_reader
    • task_editor
    • certification_admin
    • grc_test_definition_admin
    • grc_control_test_reader
    • assessment_admin
    • certification
    • grc_compliance_reader
    • certification_filter_admin
    • grc_user
Risk Reader [sn_risk.reader]

Contains the reader role in the sn_grc scope. In addition to the inherited permissions, the risk reader has read-only access rights to the Risk application and modules and can be assigned risks.
  • sn_grc.reader
Risk User [sn_risk.user]

Contains the reader and user roles in the sn_grc scope, and the reader role in the Risk Management application. In addition to the inherited permissions, the risk user can view profile types, profiles, risks, and remediation tasks. The risk user can be assigned risks and has read-only access to the Policy and Compliance Management application and modules.
  • sn_grc.reader
  • sn_grc.user
  • sn_risk.reader
  • Inherits the following roles if the GRC: Policy and Compliance Management plugin is activated.
    • grc_compliance_reader
    • grc_user
    • grc_audit_reader
    • grc_control_test_reader
    • task_editor