To manage the risk map access rights, click on “Risk center” in the left menu and click the Risk Maps tab. Then click on the three grey dots next to the risk map you wish to manage the access rights for.

Access is granted from risk map level. You can grant access individually on all risk maps, thereby securing that only relevant users are granted access to view all processes, sub-processes, control objectives, and risks assigned to the risk map.

There are three types of access rights, “Responsible”, “Edit/View” and “View”.

Responsible:

The user assigned as “Responsible” will be responsible for the risk map. This is typically the creator of the risk map.

Edit/View:

All users assigned with “Edit/View” access will be able to manage the risk map. This means creating, editing, and deleting processes, sub-processes, control objectives, and risks, within the risk map.

View:

Users with “View” access will be able to monitor the risk map. A “View” access also grants the user access to view everything assigned to the risk map. “View” access is typically used for internal and external auditors.