Skip to main content

7. Roles Settings

The Roles Section empowers you to effectively manage access and permissions across your entire framework. Roles ensure that access and permissions are aligned with your organisation's processes and security requirements.

By giving you full control over role management, this section provides the flexibility to adapt your framework as your organisation grows or changes. This level of control reduces risks, enhances collaboration, and ensures compliance with your internal policies.


Role assignment

In CSFaaS, every user must be assigned a role. Clear identification and assignment of roles ensure accountability and effective collaboration.

How CSFaaS Helps:

Role-Based Access Control (RBAC)

  • Define Roles: Create roles with specific permissions and access levels tailored to stakeholder responsibilities.
  • Granular Access: Ensure users only access the information relevant to their roles.

User Management:

  • Add Users: Input user details and create accounts for all stakeholders who need access.
  • Assign Roles: Assign users to appropriate roles that align with their responsibilities within the system.

Workflow Configuration:

  • Establish Workflows: Define how tasks and information flow between different roles.
  • Manage Processes: Use workflows to handle approval processes, notifications, and task assignments.
  • Align with Policies: Ensure workflows comply with organisational procedures and regulatory requirements.

Default Roles

By default, four roles are pre-configured. These roles provide a baseline for managing user access, which can be tailored further to suit your organisation’s needs.

When a user creates an account for the first time, they are automatically assigned the Account Manager role. From there, they can invite users and assign roles within their workspace.

Account Manager

Has full access to all items, including creation and deletion of roles.

Assurance Manager

Has only read permission on all items.

Read-Only User

Has only read permission on all items.

Request Creator

Has create, read, update, and delete permissions specifically on Risk Management items.


Customisable Role Permissions

Roles can be customised to grant Read or Edit permissions across the following areas:

  • Workspace Settings
  • Workspace Roles
  • Workspace Users
  • Framework Management
  • Framework Content
  • Framework Versions
  • Policy Management
  • Policy Versions
  • Third Party Management
  • System Management
  • Tickets Management
  • Risk Management

Key Features of the Roles Section

The Roles Section provides robust functionality to help you define and manage roles efficiently:

  • Track and Define Roles: Monitor roles and get an overview of general information like Role Name, Description, and Permissions.
  • View Role Details: Access detailed information, including the Role Name, Description, and associated Actions.
  • Manage Existing Roles: Modify roles as your organisational needs evolve.
  • Create New Roles: Define custom roles with permissions tailored to your processes.
  • Delete Roles: Remove roles from your workspace when they are no longer required.