The Risk Ledger platform allows users to be assigned different role types depending on the level of access you want them to have to the application.
The first user to sign up to the Risk Ledger platform is automatically designated as the Lead account.
The role types are listed below along with their level of permissions:
Lead User | The Lead User is the Organisation owner. They have full access to the Risk Ledger platform and can perform all actions and manage team members within the Settings page.
The Lead User is the first account to sign up to the Risk Ledger platform and cannot be deleted. Every organisation must have a Lead User account. To change the Lead User please contact us at support@riskledger.com. |
Admin User | An Admin User has full access to the Risk Ledger platform and can perform all actions and manage team members within the Settings page. Admin User's are typically managers of assurance or security teams. |
Edit User | An Edit User has full access to the Risk Ledger platform and can perform all actions within the tool except for managing other team members. Information security managers and team members who are expected to provide input into the security assessment are typically given an Edit User role. |
Edit User (Client Side) | Same permissions as an 'Edit' user, but restricted to functionality on the client-side of the platform. This means they will be able to access supplier assessments, create discussions and remediations, and action approvals. They will not possess the ability to input information to the supplier side of the platform. |
Edit User (Supplier Side) | Same permissions as an 'Edit' user, but restricted to functionality on the supplier side. This means the user will be able to change or update the organisations response to controls, respond to discussions and remediations or upload evidence. They will not possess the ability to undertake supplier assessment. |
View User | A View User has only read access to the Risk Ledger platform. They can view all of the Risk Ledger pages but cannot create, edit, or delete any data. Procurement team members or a companies in-house counsel are typically given View User access as they may want to view the platform for information purposes but are not required to edit any data. |
View User (Client Side) | This allows the user read-only access to view supplier responses to the assessment. They can review answers but cannot make any changes, cannot exempt or non-comply any answers nor move through the approvals process. |
View User (Supplier Side) | Gives the user read-only access to the supplier side of the platform. This means they will be able to login and view the organisation's responses to questions in the assessment, but won't be able to change them or respond to any outstanding discussions or remediations. |
💡 If there is anything we haven't covered, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.