Access to various functions within Impero are defined and restricted by User Roles. Only users having a designated role may perform the related function or assign the role to other users. User roles include:

1. User administrator:

All users with access to Impero can create users from the same organization, but only users with the role “User administrator” can invite users to Impero (external stakeholders such as auditors etc.) and delete users from Impero. The user administrator can also create and edit user groups and grant user roles to other users.

2. Tag administrator:

All users with the role “Tag administrator” can create and edit tags in Impero. Once created, the tags may be used by others for creating controls but cannot be created or edited. It is important to notice that Impero has a shared “tag catalog” across the entire environment so changes in the tag catalog may affect other business areas. Impero recommends limiting this role to a few users.

3. Risk map manager:

All users with the role “Risk map manager” can create new risk maps. Access to the different risk maps is set with the same terminology as with control programs (edit/view and view access).

4. Control manager:

All users with the role “Control manager” can create new controls and control programs. If a user without the control manager role is granted “Edit/view” access to a program, the user can edit already exiting controls within that program, but the user cannot create new controls.

5. Report manager:

All users with the role “Report manager” can set up push reports.