In Control Compliance Suite (CCS) a role is a collection of predefined tasks or functions. The user may perform each task that is a specific action, such as Create a policy or Run an evaluation. The role determines what a user can see and perform in the CCS console.

To have a role does not automatically grant the user the rights that are required to perform the task on the directory objects. In addition to the role, the user must have access rights on the required directory objects to successfully perform a task.

For example, if the user is in the Evaluators role, the user is allowed to set up and run evaluation jobs. But when the evaluation job is run, the results are based only on the assets for which the user has been granted the Evaluate permission.

CCS provides a number of predefined roles to suit your organizational needs. The predefined role and task association cannot be modified. However, CCS lets you create custom roles.

See About custom roles.