Learn how to manage access permissions for risks
Table of contents
- What is an access member?
- Assigning access members to risks
- Permission settings related to risk access
What is an access member?
An access member of a risk is a user who is specifically given access to that risk.
When a non-admin user creates a risk, they are automatically added as an access member to that risk.
By default,
- Administrators have access to all risks,
- Users (that are not administrators) can see and access a risk when they are either added to the risk's access members list, or if they have the View all risks permission turned on.
To learn the difference between an access member and an owner, head here.
Assigning access members to risks
Go to Risks > Registers and select the risk you want to assign access member(s) to.
In the Access members field, add/remove users as necessary. Your changes are saved automatically.
Permission settings related to risk access
Permissions can be set at either the user level or the role level.
There are a few permissions related to risk access, namely:
- Risks: Allows users to access the Risks module. Includes view access to any risks assigned to the user.
- View all risks: Allows users to view all risks within the Risks module.
- Risk access members: Allows users to view Access members assigned to risks that they have view access to.
- Manage access members for risks: Allows users to edit Access members of risks they have edit permissions to.
To change these permissions for an individual user, go to Administration > Users (1), click on the user (2), click Permissions (3) and you can search for the permission by using the browser search function e.g. Ctrl + F.
To change these permissions for a role, go to Administration > Roles, click on the role, click Edit and go to the Permissions tab, where you can search for the permission by using the browser search function e.g. Ctrl + F.
