
Roles

RegScale provides a number of preset roles, each granting limited access to certain functionality within the system. Apply roles to each user so that they have least privilege access: only the role(s) necessary to perform their job functions.

| Role Name | Access Type | Module Access |
| --- | --- | --- |
| Administrator | Create, Read, Update, Delete | Full access to all modules, Setup for their tenant, Catalogues Management as well as Workflows, Workflow Designer and Build Workflow in Subsystems |
| AssessmentUser | Create, Read, Update, Delete | Assessment Plans Module, Assessments Module, Evidence Module, Questionnaires Module. NOTE: Will require additional roles to access Continuous Monitoring or Lightning Assessments since they typically act on other modules. |
| AssetUser | Create, Read, Update, Delete | Assets Module, Vulnerability User |
| CaseUser | Create, Read, Update, Delete | Cases Module |
| CausalAnalysisUser | Create, Read, Update, Delete | Causal Analyses Module |
| ChangeUser | Create, Read, Update, Delete | Changes Module |
| DataCallUser | Create, Read, Update, Delete | Data Calls Module |
| ExceptionUser | Create, Read, Update, Delete | Exceptions Module |
| GeneralUser | Create, Read, Update, Delete | All Modules (except Catalogues Module, Categorization Engines Module, Security Controls Modules); no access to Setup or Admin functions |
| GlobalAdmin | Create, Read, Update, Delete | Tenant Configuration |
| IncidentUser | Create, Read, Update, Delete | Incidents Module |
| InterconnectUser | Create, Read, Update, Delete | Interconnects Module |
| IssueScreener | Create, Read, Update, Delete | This is a special role that is often combined with the GeneralUser or IssueUser role to give access to Issue Screening approval in the Issues module on the Status page. This is a special category of user that screens issues for severity and makes overall determinations that drive the end-to-end workflow. Note: A user with this role must also have the IssueUser role, GeneralUser role, or Administrator role in order to get to the Status tab to perform screening. |
| IssueUser | Create, Read, Update, Delete | Issues Module, Causal Analysis Module |
| Maintainer | Create, Read, Update, Delete | Catalogues Module, Categorization Engines Module, Security Controls Modules, and Importer Tools as well as Workflows, Workflow Designer and Build Workflow in Subsystems, Report Builder |
| Manager | Create, Read, Update, Delete | Same as GeneralUser; ability to impersonate users on the workbench; Report Builder |
| PolicyUser | Create, Read, Update, Delete | Policy Module, Security Profiles, Assessments, Issues |
| ProgramUser | Create, Read, Update, Delete | Programs Module, Security Profiles, Capabilities Module, Assessments, Issues |
| ProjectUser | Create, Read, Update, Delete | Projects Module, Security Profiles, Security Issues, Risks, Assessments, Issues |
| ReadOnly | Read | All Modules. NOTE: This permission overrides all other module-specific permissions. A user assigned ReadOnly loses edit permissions regardless of other module permissions assigned. |
| ReportBuilder | Create, Read, Update, Delete | Report Builder |
| ReponseAutomationUser | Create, Read, Update, Delete | Response Automation Module |
| RequestUser | Create, Read, Update, Delete | Requests Module, Assessments, Risks, Issues |
| RiskUser | Create, Read, Update, Delete | Risks Module, Issues Module |
| QuestionnaireUser | Create, Read, Update, Delete | The QuestionnaireUser role is a special role that only provides access to questionnaires that are assigned to this user role. It is designed specifically for external users to complete questionnaires. |
| SecurityPlanUser | Create, Read, Update, Delete | Security Plans Module, Security Profiles, Components Module, Evidence Module, Control Implementations Module, Issues, Assessments, Response Automation Module, Continuous Monitoring, Vulnerability Module |
| SupplyChainUser | Create, Read, Update, Delete | Supply Chains Module, Security Profiles, Evidence Module, Issues Module, Assessments |
| ThreatUser | Create, Read, Update, Delete | Threat Models & Threats Modules |

Note: All users can access the Questionnaires and Tasks Modules except QuestionnaireUser. The QuestionnaireUser role is a special role that only provides access to questionnaires. It is designed specifically for external users to complete questionnaires. Users assigned the ReadOnly role have read-only access to the Tasks module.
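
The role interactions described above (ReadOnly overriding other roles, IssueScreener needing a companion role) can be checked mechanically during an access review. The following is an added example, not RegScale code: the user-to-role mapping is constructed sample data rather than a RegScale export format, and flagging Administrator, GlobalAdmin, Manager and mixed QuestionnaireUser assignments for review is an assumption of this example.

```python
# Added example: audit user-to-role assignments against the rules on this page.
# Role names come from the table; the review policy for broad roles is assumed.

# Tenant-wide roles, plus Manager (can impersonate users on the workbench).
BROAD_ROLES = {"Administrator", "GlobalAdmin", "Manager"}
# IssueScreener needs one of these to reach the Status tab for screening.
SCREENER_COMPANIONS = {"IssueUser", "GeneralUser", "Administrator"}


def audit_user(roles):
    """Return a list of findings for one user's role names."""
    roles = set(roles)
    findings = []
    # ReadOnly overrides every other module-specific permission.
    if "ReadOnly" in roles and len(roles) > 1:
        shadowed = ", ".join(sorted(roles - {"ReadOnly"}))
        findings.append(f"ReadOnly overrides edit rights from: {shadowed}")
    # IssueScreener on its own cannot reach the screening page.
    if "IssueScreener" in roles and not roles & SCREENER_COMPANIONS:
        findings.append("IssueScreener lacks IssueUser, GeneralUser or Administrator")
    # QuestionnaireUser is designed for external users (assumed review rule).
    if "QuestionnaireUser" in roles and len(roles) > 1:
        findings.append("QuestionnaireUser (external-user role) is combined with other roles")
    for role in sorted(roles & BROAD_ROLES):
        findings.append(f"broad role needs justification: {role}")
    return findings


def audit(assignments):
    """Map each user to their findings, omitting users with none."""
    report = {}
    for user, roles in assignments.items():
        findings = audit_user(roles)
        if findings:
            report[user] = findings
    return report


# Constructed sample assignments (hypothetical users).
SAMPLE = {
    "alice": ["IssueUser", "IssueScreener"],
    "bob": ["IssueScreener"],
    "carol": ["ReadOnly", "RiskUser"],
    "dave": ["Manager"],
    "erin": ["QuestionnaireUser", "GeneralUser"],
}

if __name__ == "__main__":
    for user, findings in audit(SAMPLE).items():
        for finding in findings:
            print(f"{user}: {finding}")
```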

Assign Roles

  1. To set one or more roles, navigate to Setup, open the 'Identity and Access Management' tab, and search for and/or select the user that you wish to edit by clicking the edit icon under ACTIONS.
  2. Under Manage Roles, check the box next to each role the user needs, choosing only the role(s) necessary for the user to perform their job functions (least privilege). There is no need to click Save; the role will auto-save and a toast will appear that states "User added to role successfully."
  3. If the user is currently logged in, they will need to log out and back in to reset their permissions and have the new roles applied.

Delete Roles

  1. To delete one or more roles, navigate to Setup, open the 'Identity and Access Management' tab, and search for and/or select the user that you wish to edit by clicking the edit icon under ACTIONS.
  2. Under Manage Roles, un-check the box(es) next to the role(s) that you wish for this user to no longer have. There is no need to click Save; the role will auto-save and a toast will appear that states "User removed from role successfully."
  3. If the user is currently logged in, they will need to log out and back in to reset their permissions and have the new roles applied.