![Hyperproof.Io [Test] Help Center](https://downloads.intercomcdn.com/i/o/xgk1dxp2/757668/427b255f2659cc7e0853d6a00ec1/628914ae2617199b7d999ba797a5305a.png)
Compliance manager-contributors can do the following:
Access reviews
Action | Yes | No |
Create an access review | X |
|
Open an access review (if tile is visible) | X |
|
Edit access review details |
| X |
Link and unlink proof |
| X |
Link and unlink controls or labels |
| X |
Create, view, and delete applications (if visible) |
| X |
Import records |
| X |
Create and delete tasks |
| X |
Generate access review proof |
| X |
Archive and unarchive an access review |
| X |
Join an access review facepile |
| X |
Edit 'Maintain access' and 'Access notes' |
| X |
Edit 'Access updated' and 'Admin notes' |
| X |
Assessments
Action | Yes | No |
Create an assessment | X |
|
Link controls and requirements to or from an assessment they're a member of | X |
|
Use the assessment's Activity Feed | X |
|
Add members to an assessment they're a member of |
| X |
Export proof from an assessment they're a member of |
| X |
Export an assessment they're a member of |
| X |
Archive and unarchive an assessment they're a member of |
| X |
Audits
Action | Yes | No |
Create an audit | X |
|
Edit an audit they've created or are a member of | X |
|
Use the audit's Activity Feed | X |
|
Add members to an audit they're a member of |
| X |
Archive and unarchive an audit they're a member of |
| X |
Export proof from an audit they're a member of |
| X |
Export an audit they're a member of |
| X |
Controls
Action | Yes | No |
Create a control | X |
|
Edit a control they're a member of, including control health | X |
|
Change the freshness status and 'fresh as of' date on a control they're a member of |
| X |
Link and unlink requirements, proof, labels, tasks, and risks to or from a control they're a member of | X |
|
Add members to a control they're a member of | X |
|
Use the control's Activity Feed | X |
|
Create and maintain a Hypersync or repeating task on a control they're a member of | X |
|
Add notes to a control they're a member of | X |
|
Add a scope assignment to a control they're a member of | X |
|
Import and export a control they're a member of | X |
|
View program-level controls they're not a member of | X |
|
Use the crosswalk view | X |
|
Archive and unarchive a control they're a member of |
| X |
View controls they're not a member of |
| X |
Import scopes or scope assignments |
| X |
Turn on freshness or change the freshness duration on a control. |
| X |
Evaluations
Action | Yes | No |
Create an evaluation | X |
|
Archive an evaluation they're a member of | X |
|
Edit an evaluation they're a member of | X |
|
Use the evaluation's Activity Feed | X |
|
Unarchive an evaluation they're a member of |
| X |
Add members to an evaluation |
| X |
Link and unlink proof and affected objects to or from an evaluation |
| X |
Link and unlink a task to or from an evaluation they're a member of |
| X |
Import and export evaluations |
| X |
Issues
Action | Yes | No |
Create an issue | X |
|
Edit an issue they're a member of |
| X |
Add members to issues they're a member of | X |
|
Archive an issue they're a member of | X |
|
Import and export an issue they're a member of | X |
|
Use the issue's Activity Feed | X |
|
Link and unlink proof to or from an issue they're a member of | X |
|
Link and unlink affected objects to or from an issue they're a member of | X |
|
Customize an issue's health |
| X |
Unarchive an issue |
| X |
Policies
Action | Yes | No |
View the list of policies | X |
|
Set policy due date | X |
|
Add a policy | X |
|
Add versions to a policy | X |
|
View current and previous versions of the policy document | X |
|
Add or replace a policy document in a version | X |
|
Add or remove proof from a policy version | X |
|
Download a policy document | X |
|
Link or unlink controls from a policy | X |
|
Add an issue to a policy | X |
|
Export the effective policy document | X |
|
Edit policy details Note: Fields that are editable on the Details tab vary based on your role and the permissions you have been assigned. | X |
|
Add users to a policy |
| X |
Bulk edit policies |
| X |
Change a policy owner |
| X |
Configure a policy approval |
| X |
Archive or unarchive a policy |
| X |
Programs
Action | Yes | No |
Create a new program | X |
|
Turn on program health | X |
|
Edit program details | X |
|
Use the program's Activity Feed | X |
|
Link and unlink controls and proof to or from requirements | X |
|
Add related requirements | X |
|
Jumpstart a new program | X |
|
Export a program | X |
|
Export proof from a program | X |
|
Export requirements | X |
|
Export a SSP report | X |
|
Unarchive a program | X |
|
Add members to a program they're a member of |
| X |
Archive a program |
| X |
Delete proof from a requirement |
| X |
Create and manage custom fields |
| X |
Customize program health and tooltips |
| X |
Import and manage scopes |
| X |
Create groups |
| X |
Proof and labels
Tip: For information on private proof, see Private proof.
Action | Yes | No |
Add proof at the organizational level | X |
|
Download proof | X |
|
View proof they've uploaded or via inherited access from a linked object | X |
|
Create a new label | X |
|
Import and export a label they're a member of | X |
|
Link and unlink controls, proof, and tasks to and from a label they're a member of | X |
|
Create and maintain a Hypersync or repeating task on a label they're a member of | X |
|
Manage freshness on a label they're a member of | X |
|
Use the label's Activity Feed | X |
|
Archive and unarchive a label they're a member of |
| X |
Edit a label they're a member of |
| X |
Add members to a label they're a member of |
| X |
Change a label's status |
| X |
View labels they're not a member of |
| X |
Questionnaires
Note: The actions below pertain to compliance managers with contributor permissions who are members of the Vendor Register.
Action | Yes | No |
Create a questionnaire | X |
|
Import a questionnaire | X |
|
View and edit a questionnaire | X |
|
Send and cancel a questionnaire | X |
|
Send a questionnaire to multiple vendors | X |
|
Send a questionnaire reminder to a vendor | X |
|
Use a questionnaire's Activity Feed | X |
|
Unlink a label from a questionnaire |
| X |
Archive and unarchive a questionnaire |
| X |
Link a label to a questionnaire |
| X |
Export a questionnaire |
| X |
Requests
Note: To view request proof, users must fall into one of three categories:
Be a manager of the audit - In the Audits module, managers have access to all proof within an audit.
If you are the manager of a request, but a contributor of the audit without any inherited access, you cannot view proof linked to the request. This helps protect sensitive data that some users shouldn’t see. As a result, only managers can export audit proof.
Have inherited manager access from a control or label
Have inherited contributor access from a control or label
Further, external auditors can only view the Proof and Audits tabs, and can only view proof when a request’s status is set to Submitted to auditor.
Action | Yes | No |
Create a request | X |
|
Edit a request they're a member of | X |
|
Import and export a request they're a member of | X |
|
Link and unlink proof to or from a request they're a member of | X |
|
Link and unlink affected objects to or from a request they're a member of | X |
|
Link and unlink a task to or from a request they're a member of | X |
|
Change the status of a request they're a member of | X |
|
Use a request's Activity Feed | X |
|
Add members to a request they're a member of |
| X |
Archive and unarchive a request they're a member of |
| X |
Link and delete attachments to or from a request they're a member of |
| X |
Convert attachments to proof on requests they're a member of |
| X |
Risks
Note: The actions below pertain to compliance managers with contributor permissions who are members of the Risk Register.
Action | Yes | No |
Create a risk | X |
|
View Risk Registers they're a member of | X |
|
Import and export risks | X |
|
Edit risks | X |
|
Use the Risk Register's Activity Feed | X |
|
Use a risk's Activity Feed | X |
|
Edit risk health | X |
|
Edit the owner of a risk |
| X |
Link and unlink controls, proof, labels, and tasks to or from a risk | X |
|
Create notes on a risk | X |
|
Add members to a Risk Register |
| X |
Archive and unarchive a risk |
| X |
Upgrade to advanced mitigation |
| X |
Customize the Risk Register |
| X |
Create a new Risk Register |
| X |
Tasks and repeating tasks
Action | Yes | No |
Create a task or a repeating task | X |
|
Duplicate a task they're a member of | X |
|
Import a task or a repeating task | X |
|
Export a task | X |
|
Link and unlink proof to or from a task they're a member of | X |
|
Change the target of a task or repeating task | X |
|
Use a task or repeating task's Activity Feed | X |
|
Add members to a task they've created |
| X |
Edit a task or repeating task they've created | X |
|
Delete a task or repeating task they've created |
| X |
Delete a task or repeating task they didn't create |
| X |
Delete proof from a task or repeating task |
| X |
Edit a task they didn't create (they can change the assignee, however) |
| X |
Edit a repeating task they didn't create |
| X |
Add members to a task or repeating task they didn't create |
| X |
Add or edit an approval for a task they didn't create |
| X |
Vendors
Note: The actions below pertain to compliance managers with contributor permissions who are members of the Vendor Register.
Action | Yes | No |
Add a new vendor | X |
|
Add a vendor contact | X |
|
Add and edit a vendor owner | X |
|
Import and export vendors | X |
|
Edit vendor information (except vendor owner) | X |
|
Link and unlink a task to or from a vendor | X |
|
Edit the vendor category | X |
|
Edit the vendor status | X |
|
Edit contract dates | X |
|
Edit vendor tolerance and risk | X |
|
Use a vendor's Activity Feed | X |
|
Add members to the Vendor Register |
| X |
Archive and unarchive a vendor |
| X |
Change the vendor owner |
| X |