When you add a new user to your CyberRisk instance, you also have the option to assign their permissions:

  • Standard
    This is the basic, default setting for all new users. When inviting a user, if none of the checkboxes are selected, that user will have standard permissions. Users with standard permissions are able to add custom domains in BreachSight, add and remove vendors in Vendor Risk, send questionnaires and remediation requests, and apply labels across the product.
  • Read-Only
    Users with Read-Only permissions can see all sections of the tool (with the exception of Data Leaks) but cannot modify the instance. This means they can’t add or remove vendors, send Questionnaires, apply labels, or take any action that would change the information in the instance.
  • Account Admin
    Users with Account Admin access can do everything a Standard user is able to do, as well as add users, see the Audit Log, create custom Notifications, and generate API keys for their instance.
  • Data Leaks
    Users with Data Leaks permissions are able to access the Data Leaks module, leave comments, and acknowledge, close or reopen Data Leaks disclosures
  • Risk Assessor
    Users with Risk Assessor permissions can create and edit Risk Assessments for vendors you're monitoring
Did this answer your question?