Permissions can depend on:
Group Access
Some data can be shared either globally or based on the user’s access control group.
- Global: Shared configurations with all users.
- Group: Specific to a particular group.
Ownership
The following can be owned, which are configured based on user preferences:
- Alerts
- Collaboration Messages
- Company Notes
- Company Requests
- Finding Comments
- Folders
- User API Tokens
Permissions
Key
✅ = Is permitted.
❌ = Not permitted.
➖ = Not applicable and not permitted.
Actions
See permissions for the following actions:
- Access Control
- Alerts, Notifications, & Email
- API
- Assessments
- Authentication
- Bitsight Badge
- Collaboration
- Company Relationships
- Company Requests
- Cyber Insurance
- Financial Quantification
- Folders
- Infrastructure
- Portfolio Risk Matrix
-
Remediation
- Company Notes
- Exposed Credentials Download
- Finding Comments
- Issue Tracking
- Work From Home
- Settings
- Subscriptions
- Tiers
- Trust Management Hub & Vendor Risk Management Data
-
User Management
- Activity Log
- Assign Roles
- Assign a Collaboration Contact
- Assign a Subscription Contact
- Be a Collaboration Contact
- Be a Subscription Contact
- Enable Features
- View User Activity
- January 3, 2025: Portfolio Risk Matrix permissions; Company Requests can be owned.
- November 25, 2024: Separated alerts, API, Bitsight Badge, company relationships, company requests, Financial Quantification, folders & infrastructure sections into their own articles; Combined account and SAML into authentication then separated into its own article; Combined 4th party & company relationships into its own article.
- November 22, 2024: Separated remediation & mitigation, subscriptions, tiers, underwriting guidelines, & user management sections into their own articles; Linked to assessments, Settings menu, & Trust Management Hub/Vendor Risk Management data permissions; Added permissions key; Referenced TMH/VRM user roles.
Feedback
0 comments
Please sign in to leave a comment.