Configuring access controls and permissions

You can set permissions for everyone in your org using the Identity & Access Management setting

  1. Workflow Managers can create, edit, and delete custom workflows.
  2. Data Spec Viewers can view Data Specs, which contain information about how a launch collects, uses, shares, and retains data.
  3. Data Spec Editors can edit Data Specs and determine how launches will collect, use, share, and retain data.
  4. Privacy Managers can change the privacy org settings on TerraTrue, including the privacy policy permissions, privacy profile, privacy customizations, privacy notice generator, and more.
  5. Privacy Worksheet Viewers can review Privacy Worksheets, which contain the privacy analysis and recommendations for launches.
  6. Privacy Worksheet Editors can edit Privacy Worksheets, including any privacy impact assessments for the launch.
  7. Launch Managers can delete launches, reset the approval status of your review teams, and recover deleted launches.
  8. Third Party Assessment Viewers can create, send, and manage Third Party Assessments. Visit this article to learn more. 
  9. Observer: This is currently the only permission that restricts what a user can do as opposed to granting them additional abilities. The Observer permission is intended to be given to users who may want to observe your program on TerraTrue but otherwise not make changes to it. For example, you may want to grant the Observer permission to your compliance team or to an external legal counsel. While you may add additional permissions to a user who has the Observer permission, those added permissions may not fully take effect for those users; the Observer user is prevented from making sensitive modifications such as creating Data Specs, managing organization settings or deleting launches.
  10. Outbound Webhook Manager: Allows users to view or modify the outbound webhooks for an organization, both as TerraTrue users and as external API users.
  11. Data Catalog Admins can set up new ingestion sources.
  12. Data Catalog Editors can edit datasets or classifications.
  13. Data Catalog Viewers can view the Data Catalog and all scanned datasets.

You can use Identity & Access Management to set org-wide permissions (just edit the permissions for “Everyone *”) or specific permissions for individuals and review teams. For example, you might want to give everyone in your Privacy review team the Privacy Worksheet Viewers and Privacy Worksheet Editors permissions. To do this, click the "Review Teams" tab and then assign those permissions to the "Privacy" team.

For more information about user permissions on TerraTrue, check out our detailed guide.

Important note

Any permissions you grant to “Everyone *” will apply to any non-Observers in your organization, even if the permissions for an individual user are more restrictive.

 

Was this article helpful?
0 out of 0 found this helpful