Authorisation matrix

Overview of the roles & rights per role in the 3rdRisk platform
 AdministratorThird-party managerRisk officerRisk managerReviewer**External reviewerAuditorBusiness owner*Leadership
Platform

 

 

 

 

 

 

 

 

 
Company registration

x

 

 

 

 

 

 

 

 
Organisation profile

 

 

 

 

 

 

 

 

 
View organisation profile

x

x

x

x

 

 

x

 

 
Edit organisation profile

x

 

x

x

 

 

 

 

 
Users

 

 

 

 

 

 

 

 

 
View user table

x

x

x

x

 

 

x

 

 
Add users and assign roles

x

 

 

 

 

 

 

 

 
Edit users and assigned roles

x

 

 

 

 

 

 

 

 
Remove users

x

 

 

 

 

 

 

 

 
Organisation model

 

 

 

 

 

 

 

 

 
Module level

 

 

 

 

 

 

 

 

 
View organisation model

x

x

x

x

 

 

x

 

 
Add organisation elements

x

 

 

 

 

 

 

 

 
Edit organisation elements

x

 

 

 

 

 

 

 

 
Remove organisation element

x

 

 

 

 

 

 

 

 
Roles on object level

 

 

 

 

 

 

 

 

 
Responsible colleague

 

x

x

x

 

 

 

x

x
Requirements module

 

 

 

 

 

 

 

 

 
Module level

 

 

 

 

 

 

 

 

 
View organisation requirements

x

x

x

x

 

 

x

 

 
Add organisation requirements

x

 

x

x

 

 

 

 

 
Edit organisation requirements

x

 

x

x

 

 

 

 

 
Remove organisation requirements

x

 

x

x

 

 

 

 

 
Roles on object level

 

 

 

 

 

 

 

 

 
Requirement manager

 

 

x

x

 

 

 

 

 
Requirement owner

 

 

x

x

 

 

 

x

x
Risk officer

 

 

x

x

 

 

 

 

 
Third-party management module

 

 

 

 

 

 

 

 

 
Module level

 

 

 

 

 

 

 

 

 
View third-parties / contracts

x

x

x

x

 

 

x

x

x
Add third-parties / contracts

x

x

x

x

 

 

 

x

x
Edit third-parties / contracts

x

x

x

x

 

 

 

x

x
Remove third-parties / contracts

x

x

x

x

 

 

 

x

x
Roles on object level

 

 

 

 

 

 

 

 

 
Third-party / contract manager

 

x

 

 

 

 

 

 

 
Business owner

 

 

 

 

 

 

 

x

x
Risk officer

 

 

x

x

 

 

 

 

 
Risk register module

 

 

 

 

 

 

 

 

 
Module level

 

 

 

 

 

 

 

 

 
View risks

x

x

x

x

 

 

x

x

x
Add risks

x

 

x

x

 

 

 

x

x
Edit risks

x

 

x

x

 

 

 

x

x
Remove risks

x

 

x

x

 

 

 

x

x
View audit log

x

x

x

x

 

 

x

x

x
Roles on object level

 

 

 

 

 

 

 

 

 
Risk owner

 

x

x

x

 

 

 

x

x
Incident register module

 

 

 

 

 

 

 

 

 
Module level

 

 

 

 

 

 

 

 

 
View incidents

x

x

x

x

 

 

x

x

x
Add incidents

x

 

x

x

 

 

 

x

x
Edit incidents

x

 

x

x

 

 

 

x

x
Remove incidents

x

 

x

x

 

 

 

x

x
View audit log

x

x

x

x

 

 

x

x

x
Roles on object level

 

 

 

 

 

 

 

 

 
Incident owner

 

x

x

x

 

 

 

x

x
Internal response coordinator

 

x

x

x

 

 

 

x

x
Assessment module

 

 

 

 

 

 

 

 

 
Module level

 

 

 

 

 

 

 

 

 
View assessments

x

x

x

x

x

x

x

 

 
Create assessments

x

x

x

x

 

 

 

 

 
Edit assessments

x

x

x

x

 

 

 

 

 
Remove assessments

x

x

x

x

 

 

 

 

 
Review assessments

x

x

x

x

x

x

 

 

 
View assessment templates

x

x

x

x

 

 

x

 

 
Add assessment templates

x

 

x

x

 

 

 

 

 
Edit assessment templates

x

 

x

x

 

 

 

 

 
Remove assessment templates

x

 

x

x

 

 

 

 

 
Roles on object level

 

 

 

 

 

 

 

 

 
Internal reviewer

x

x

x

x

x

x

 

 

 

 


* Business Owners can only see the records (incidents, risks, remediation plans, contracts, third parties, and assessments) assigned to them.

** Reviewers can only see the ecosystem assessments assigned to them.