![Hyperproof.Io [Test] Help Center](https://downloads.intercomcdn.com/i/o/xgk1dxp2/757668/427b255f2659cc7e0853d6a00ec1/628914ae2617199b7d999ba797a5305a.png)
User-managers can do the following:
Access reviews
Action | Yes | No |
Open an access review (if tile is visible) | X |
|
Edit access review details:
| X |
|
Create, view, and delete applications (if visible) | X |
|
Link and unlink controls or labels | X |
|
Import records | X |
|
Create and delete tasks | X |
|
Generate access review proof | X |
|
Archive and unarchive an access review | X |
|
Create an access review |
| X |
Join an access review facepile |
| X |
Edit 'Maintain access' and 'Access notes' |
| X |
Edit 'Access updated' and 'Admin notes' |
| X |
Assessments
Action | Yes | No |
Create an assessment | X |
|
Link controls or requirements to or from an assessment they're a member of | X |
|
Add members to an assessment they're a member of | X |
|
Export proof from an assessment they're a member of | X |
|
Export an assessment they're a member of | X |
|
Use the assessment's Activity Feed | X |
|
Archive and unarchive an assessment they're a member of | X |
|
Audits
Action | Yes | No |
Edit an audit they've created or are a member of | X |
|
Add members to an audit they're a member of | X |
|
Use the audit's Activity Feed | X |
|
Archive and unarchive an audit they're a member of | X |
|
Export proof from an audit they're a member of | X |
|
Export an audit they're a member of | X |
|
Create an audit |
| X |
Controls
Action | Yes | No |
Create a control | X |
|
Edit a control they're a member of, including control health | X |
|
Turn on and edit freshness on a control they're a member of | X |
|
Link and unlink requirements, proof, labels, tasks, and risks to or from a control they're a member of | X |
|
Add members to a control they're a member of | X |
|
Use the control's Activity Feed | X |
|
Create and maintain a Hypersync or repeating task on a control they're a member of | X |
|
Add notes to a control they're a member of | X |
|
Add a scope to a control they're a member of | X |
|
Import and export a control they're a member of | X |
|
Archive and unarchive a control they're a member of | X |
|
View program-level controls they're not a member of | X |
|
Use the crosswalk view | X |
|
View controls they're not a member of |
| X |
Import scopes or scope assignments |
| X |
Evaluations
Action | Yes | No |
Create an evaluation | X |
|
Add members to an evaluation they're a member of | X |
|
Import and export an evaluation they're a member of | X |
|
Archive and unarchive an evaluation they're a member of | X |
|
Link proof and affected objects to an evaluation they're a member of | X |
|
Unlink proof and affected objects from an evaluation they've created | X |
|
Link and unlink a task to or from an evaluation they're a member of | X |
|
Use the evaluation's Activity Feed | X |
|
Issues
Action | Yes | No |
Create an issue | X |
|
Edit an issue they're a member of | X |
|
Add members to issues they're a member of | X |
|
Archive and unarchive an issue they're a member of | X |
|
Import and export an issue they're a member of | X |
|
Use the issue's Activity Feed | X |
|
Link and unlink proof to or from an issue they're a member of | X |
|
Link and unlink affected objects to or from an issue they're a member of | X |
|
Customize an issue's health |
| X |
Policies
Action | Yes | No |
View the list of policies | X |
|
Set policy due date |
| X |
Add a policy |
| X |
Add versions to a policy | X |
|
View current and previous versions of the policy document | X |
|
Add or replace a policy document in a version | X |
|
Add or remove proof from a policy version | X |
|
Download a policy document | X |
|
Link or unlink controls from a policy | X |
|
Add an issue to a policy | X |
|
Export the effective policy document | X |
|
Add users to a policy | X |
|
Edit policy details Note: Fields that are editable on the Details tab vary based on your role and the permissions you have been assigned. | X |
|
Bulk edit policies | X |
|
Change a policy owner | X |
|
Configure a policy approval | X |
|
Archive or unarchive a policy | X |
|
Programs
Action | Yes | No |
Turn on program health | X |
|
Edit program details | X |
|
Add members to a program they're a member of | X |
|
Use the program's Activity Feed | X |
|
Link and unlink controls and proof to or from requirements | X |
|
Add related requirements | X |
|
Export a program | X |
|
Export proof from a program | X |
|
Archive and unarchive a program | X |
|
Export requirements | X |
|
Export a SSP report | X |
|
Create a new program or a custom program |
| X |
Create and manage custom fields |
| X |
Customize program health and tooltips |
| X |
Import and manage scopes |
| X |
Jumpstart a new program |
| X |
Delete proof from a requirement |
| X |
Create groups |
| X |
Proof and labels
Tip: For information on private proof, see Private proof.
Action | Yes | No |
Add proof at the organizational level | X |
|
Download proof | X |
|
View proof they've uploaded or via inherited access from a linked object | X |
|
Create a new label r |
| X |
Import and export a label they're a member of | X |
|
Edit a label they're a member of, including label details | X |
|
Link and unlink controls, proof, and tasks to and from a label they're a member of | X |
|
Create and maintain a Hypersync or repeating task on a label they're a member of | X |
|
Manage freshness on a label they're a member of | X |
|
Add members to a label they're a member of | X |
|
Use the label's Activity Feed | X |
|
Archive and unarchive a label they're a member of | X |
|
View labels they're not a member of |
| X |
Questionnaires
Note: The actions below pertain to users with manager permissions who are members of the Vendor Register.
Action | Yes | No |
Create a questionnaire | X |
|
Import and export a questionnaire | X |
|
View and edit a questionnaire | X |
|
Send and cancel a questionnaire | X |
|
Send a questionnaire to multiple vendors | X |
|
Send a questionnaire reminder to a vendor | X |
|
Link and unlink labels to or from a questionnaire | X |
|
Archive and unarchive a questionnaire | X |
|
Use a questionnaire's Activity Feed | X |
|
Requests
Note: To view request proof, users must fall into one of three categories:
Be a manager of the audit - In the Audits module, managers have access to all the proof within an audit.
If you are the manager of a request, but a contributor on the audit without any inherited access, you cannot view the proof linked to the request. This helps protect sensitive data that some users shouldn’t see. As a result, only managers can export audit proof.
Have inherited manager access from a control or label
Have inherited contributor access from a control or label
Further, external auditors can only view the Proof and Audits tabs, and can only view proof when a request’s status is set to Submitted to auditor.
Action | Yes | No |
Create a request | X |
|
Edit a request they're a member of | X |
|
Add members to a request they're a member of | X |
|
Import and export a request they're a member of | X |
|
Link and unlink proof to or from a request they're a member of | X |
|
Link and unlink affected objects to or from a request they're a member of | X |
|
Link and unlink a task to or from a request they're a member of | X |
|
Change the status of a request they're a member of | X |
|
Archive and unarchive a request they're a member of | X |
|
Use a request's Activity Feed | X |
|
Link and delete attachments to or from a request they're a member of | X |
|
Convert attachments to proof on requests they're a member of | X |
|
Risks
Note: The actions below pertain to users with manager permissions who are members of the Risk Register.
Action | Yes | No |
Create a risk | X |
|
View Risk Registers they're a member of | X |
|
Import and export risks | X |
|
Add members to a Risk Register they're a member of | X |
|
Edit risks | X |
|
Use the Risk Register's Activity Feed | X |
|
Use a risk's Activity Feed | X |
|
Edit risk health | X |
|
Edit the owner of a risk |
| X |
Link and unlink controls, proof, labels, and tasks to or from a risk | X |
|
Create notes on a risk | X |
|
Archive and unarchive a risk | X |
|
Upgrade to advanced mitigation |
| X |
Customize the Risk Register |
| X |
Create a new Risk Register |
| X |
Tasks and repeating tasks
Action | Yes | No |
Create a task or a repeating task | X |
|
Duplicate a task they're a member of | X |
|
Import a task or a repeating task | X |
|
Export a task | X |
|
Link and unlink proof to or from a task they're a member of | X |
|
Add members to a task they're a member of | X |
|
Edit a task or repeating task they're a member of | X |
|
Delete a task or repeating task they're a member of | X |
|
Change the target of a task or repeating task | X |
|
Use a task or repeating task's Activity Feed | X |
|
Add or edit an approval for a task they didn't create | X |
|
Delete a task or repeating task they didn't create |
| X |
Delete proof from a task or repeating task |
| X |
Edit a task they didn't create (they can change the assignee, however) |
| X |
Edit a repeating task they didn't create |
| X |
Add members to a task or repeating task they didn't create |
| X |
Vendors
Note: The actions below pertain to users with manager permissions who are members of the Vendor Register.
Action | Yes | No |
Add a new vendor | X |
|
Add a vendor contact | X |
|
Add members to the Vendor Register | X |
|
Add and edit a vendor owner | X |
|
Import and export vendors | X |
|
Edit vendor information | X |
|
Link and unlink a task to or from a vendor | X |
|
Archive and unarchive a vendor | X |
|
Edit the vendor category | X |
|
Edit the vendor status | X |
|
Edit contract dates | X |
|
Edit vendor tolerance and risk | X |
|
Use a vendor's Activity Feed | X |
|