Control Compliance Suite
(CCS) includes several predefined roles that you can assign to
users. These roles specify the level of interaction that the users
have when they log on to the console.
An administrator can
allow or block user access to features and functionality in the
product by assigning different roles to the console users.
Various CCS roles are
based on the features and functionality of the product.
See Table: Administrative roles.
See Table: Default CCS user role.
See Table: Assets roles.
See Table: Standards roles.
See Table: Exception roles.
See Table: Entitlements roles.
See Table: Policy roles.
See Table: Reports and dashboards roles.
Table: Administrative roles
Role
|
Description
|
CCS Administrator
|
The CCS Administrator has full access to all the features of
CCS.
You can view the list of available tasks from the Settings >
Roles view.
|
Power User
|
The Power User role lets the user do everything
the CCS Administrator can do except the following tasks:
-
Configure application
-
Manage audits
-
Manage licenses
-
Assign policy audience
You can view the list of available tasks from the Settings >
Roles view.
|
Auditor
|
The Auditor role lets the user view the
following:
|
Table: Default CCS user role
Role
|
Description
|
Guest User
|
By default, all the authenticated CCS users have the Guest User
role.
The Guest User role lets the user do the
following:
|
Table: Assets roles
Role
|
Description
|
Assets Viewer
|
The Assets Viewer role lets the user do the
following:
|
Table: Standards roles
Role
|
Description
|
Standards Administrator
|
The Standards Administrator role lets the user do
the following:
-
Update configuration settings
-
Manage standards, sections, and checks
-
Manage jobs
-
Collect data
-
Evaluate standards
-
Manage tags
-
Request exceptions
-
Generate reports and dashboards
-
View assets
-
View standards
-
View evaluation results
-
View roles and permissions
-
View reports and report templates
-
View dashboards and dashboard templates
-
View and customize report templates
-
View roles and permissions
|
Standards Evaluator
|
The Standards Evaluator role lets the user do the
following:
-
Manage jobs
-
Collect data
-
Evaluate standards
-
Manage jobs
-
Manage tags
-
Request exceptions
-
Generate reports and dashboards
-
View evaluation results
-
View dashboards and reports
-
View assets
-
View standards
-
View and customize dashboard and report templates
|
Table: Exception roles
Role
|
Description
|
Exception Approver
|
The Exception Approver role lets the user do the
following:
-
Approve exceptions
-
Manage tags
|
Exception Requestor
|
The Exception Requestor role lets the user do the
following:
|
Table: Entitlements roles
Role
|
Description
|
Entitlements Administrator
|
The Entitlements Administrator role lets the user
do the following:
-
Manage the control points
-
Assign the data owners and the alternate data owners to the
control points
-
Import entitlements
-
Manage control points
-
Manage users
-
Manage review cycles
-
Manage jobs
-
Manage tags
-
Manage users
-
Request entitlements approval
-
Request exceptions
-
Generate reports and dashboards
-
Customize report templates
-
Update configuration settings
-
Update and view notification templates
-
View assets and asset reconciliation rules
-
View review cycles
-
View control points
-
View dashboards and dashboard templates
-
View reports and report templates
-
View evaluation results
-
View roles and permissions
|
Entitlements Data Owner
|
The Entitlements Data Owner role lets the user do
the following:
|
Table: Policy roles
Role
|
Description
|
Policy Administrator
|
The Policy Administrator role lets the user do the
following:
-
Manage policies
-
Manage jobs
-
Manage tags
-
Manage policy comments
-
Manage policy clarifications
-
Manage policy content
-
Request exceptions
-
Publish policies
-
Update configuration settings
-
Customize report templates
-
Generate reports and dashboards
-
View assets
-
View standards
-
View policies, policy comments, and policy content
-
View dashboards and dashboard templates
-
View reports and report templates
-
View roles and permissions
|
Policy Approver
|
The Policy Approver role lets the user do the
following:
|
Policy Reviewer
|
The Policy Reviewer role lets the user do the
following:
|
Table: Reports and dashboards roles
Role
|
Description
|
Reporting Administrator
|
The Reporting Administrator role lets the user do
the following:
-
Manage jobs
-
Customize report templates
-
Assign permissions to folders
-
Manage tags
-
Request exceptions
-
Generate reports and dashboards
-
Update infrastructure configuration settings
-
View assets and asset reconciliation rules
-
View standards
-
View review cycles
-
View baselines
-
View dashboards and dashboard templates
-
View reports and report templates
-
View evaluation results
-
View roles and permissions
|
Report Result Viewer
|
The Report Result Viewer role lets the user do the
following:
|