1. By default, the Global Administrators profile receives permission to all system privileges.
2. By default, the System Users profile receives permission to the following privileges:
ACCESS the Home Module
SEARCH Content (see Note 1)
3. By default, the Administrators profile receives permission to the following privileges:
ACCESS Online Support
ACCESS the Administration Module
MANAGE Access Rules
MANAGE Audit Log
MANAGE Corporate Messages
MANAGE Custom Modules
MANAGE Customizations
MANAGE Integrations
MANAGE Scheduled Reports
MANAGE System Settings
VIEW System Information
4. By default, the Organization Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Organization Module
CANCEL Interviews
CANCEL Organizational Projects
CLOSE Organizational Projects
DELETE Organizational Projects
EDIT Business Components
EDIT Properties of an Organizational Project
EDIT the Scope of an Organizational Project
GENERATE Integrated Overview of Business Components
GENERATE Organizational Reports
MANAGE Business Components
MANAGE Corporate Messages
MANAGE Groups of People
MANAGE Organizational Queries
MANAGE Organizational Report Templates
MANAGE People
MANAGE the Organizational Structure
REGISTER Organizational Projects
REOPEN Projects
SEND Interviews
VIEW Interview Results
VIEW the List and Properties of Organizational Projects
VIEW the Organizational Structure
5. By default, the Organization Module Users profile receives permission to the following privilege:
ACCESS the Organization Module
6. By default, the Asset Risk Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Risk Module
ANALYZE Asset Risks
CANCEL Risk Management Projects
CLOSE Asset Risk Analysis
CLOSE Risk Management Projects
DELETE Risk Management Projects
EVALUATE Asset Risks
GENERATE Risk Reports
IMPORT Occurrences of Vulnerabilities
INVENTORY – Edit Analysis Parameters for Risk Management Projects
INVENTORY – Edit Properties of Risk Management Projects
INVENTORY – Edit Scope of Risk Management Projects
MANAGE Asset Risk Report Templates
MANAGE Corporate Messages
MANAGE Risk Queries
MONITOR Treatment Events
REGISTER Risk Management Projects
REOPEN Asset Risk Analysis
REOPEN Risk Management Projects
VIEW Analysis Statistics
VIEW List and Properties of Risk Management Projects
VIEW Scope of Risk Management Projects
7. By default, the Risk Module Users profile receives permission to the following privilege:
ACCESS the Risk Module
8. By default, the Creators of Risk Projects profile receives permission to the following privileges:
ACCESS the Risk Module
INVENTORY – Edit Scope of Risk Management Projects
REGISTER Risk Management Projects
VIEW Scope of Risk Management Projects
9. By default, the Compliance Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Compliance Module
ANALYZE Compliance
CANCEL Compliance Projects
CLOSE Compliance Projects
DELETE Compliance Projects
EVALUATE Non-Compliances
GENERATE Compliance Analysis Reports
INVENTORY – Edit Properties of Compliance Projects
INVENTORY – Edit Requirements of Compliance Projects
INVENTORY – Edit Scope of Compliance Projects
MANAGE Compliance Queries
MANAGE Compliance Report Templates
MANAGE Corporate Messages
MONITOR Treatment Events
REGISTER Compliance Projects
REOPEN Compliance Projects
VIEW List and Properties of Compliance Projects
10. By default, the Compliance Module Users profile receives permission to the following privilege:
ACCESS the Compliance Module
11. By default, the Knowledge Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Knowledge Module
EDIT Authoritative Documents
EDIT Knowledge Bases
EDIT Surveys
EXPORT and IMPORT Knowledge Updates
GENERATE Cross-Reference Reports
GENERATE Knowledge Base Reports
IMPORT Authoritative Documents
IMPORT Knowledge Bases
IMPORT Surveys
IMPORT Vulnerabilities
MANAGE Authoritative Documents
MANAGE Control and Requirement Mappings
MANAGE Corporate Messages
MANAGE CPE and CCE Records
MANAGE Groupings and Types of Groupings
MANAGE Knowledge Bases
MANAGE Response Sets
MANAGE Surveys
MANAGE Threats and Threat Sources
PUBLISH Authoritative Documents
PUBLISH Knowledge Bases
PUBLISH Response Sets
PUBLISH Surveys
VIEW Authoritative Documents
VIEW History of Knowledge Base Versions
VIEW Knowledge Base Statistics
VIEW Knowledge Bases
VIEW Response Sets
VIEW Surveys
12. By default, the Knowledge Module Users profile receives permission to the following privilege:
ACCESS the Knowledge Module
13. By default, the Workflow Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Workflow Module
ASSOCIATE and DISASSOCIATE Events
CANCEL Events
CLOSE Events
DELETE Cancelled Events
EDIT Event Coordinator Property
EDIT Event Progress
EDIT Events
EDIT Responsible for Event Property
EDIT the Event Type
EXPORT and IMPORT Events
MANAGE Corporate Messages
MANAGE Workflow Queries
REGISTER Events
REOPEN Events
VIEW Event History
VIEW Events
14. By default, Workflow Module Users receive permission to the following privileges:
ACCESS the Workflow Module
REGISTER Events
15. By default, the Chart Editors profile receives permission to the following privileges:
ACCESS the Dashboard Module
MANAGE Charts from the Gallery
VIEW the List of Charts in the Gallery
16. By default, the Dashboard Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Dashboard Module
DELETE Dashboards
EDIT Dashboards
MANAGE Charts from the Gallery
MANAGE Corporate Messages
REGISTER Dashboards
VIEW Dashboards
VIEW the List of Charts in the Gallery
17. By default, the Dashboard Module Users profile receives permission to the following privilege:
ACCESS the Dashboard Module
18. By default, the Policy Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Policy Module
CREATE Policies
EDIT Policies
EXPORT and IMPORT Policies
MANAGE Corporate Messages
PUBLISH Policies
VIEW Policies
19. By default, the Policy Module Users profile receives permission to the following privilege:
ACCESS the Policy Module
20. By default, the Continuity Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Continuity Module
ACCESS the Organization Module
ACCESS the Workflow Module
APPROVE Business Component Data
CREATE Events for Plans
CREATE Plans
CREATE Procedures
DELETE Plans
DELETE Procedures
EDIT Plans
EDIT Procedures
EXPORT and IMPORT Plans
GENERATE Organizational Reports
MANAGE Business Impact Analyses
MANAGE Corporate Messages
MANAGE Customizations for the Continuity Module
MANAGE Organizational Queries
MANAGE Strategies
PUBLISH Plans
PUBLISH Procedures
REGISTER Events
VALIDATE Plans
VIEW Plans
VIEW Procedures
VIEW the Organizational Structure
21. By default, the Continuity Module Users profile receives permission to the following privileges:
ACCESS the Continuity Module
ACCESS the Workflow Module
REGISTER Events
22. By default, the ERM Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the ERM Solution
ACCESS the Workflow Module
CREATE Enterprise Objectives
CREATE Events for Enterprise Risks
CREATE Strategic Objectives
DELETE Enterprise Objectives
DELETE Loss Events
DELETE Risks
DELETE Strategic Objectives
EDIT Enterprise Objectives
EDIT Loss Events
EDIT Risks
EDIT Strategic Objectives
MANAGE Controls
MANAGE Corporate Messages
MANAGE ERM Queries
MANAGE KRIs
MONITOR KRIs
REGISTER Loss Events
REGISTER Risks
VIEW Enterprise Objectives
VIEW Loss Events
VIEW Risk Matrix
VIEW Risks
VIEW Strategic Objectives
23. By default, the ERM Solution Users profile receives permission to the following privilege:
ACCESS the ERM Solution
24. By default, the Dispatch Solution Users profile receives permission to the following privileges:
ACCESS the Dispatch Solution
RUN Aggregated Queries
25. By default, the Operators profile receives permission to the following privileges:
ACCESS the Dispatch Solution
MANAGE Calls
RUN Aggregated Queries
26. By default, the Dispatch Solution Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Dispatch Solution
ACCESS the Organization Module
GENERATE Organizational Reports
MANAGE Audit Log
MANAGE Calls
MANAGE Corporate Messages
MANAGE Customizations for the Dispatch Solution
MANAGE Dispatch Requests
MANAGE Groups of People
MANAGE Organizational Queries
MANAGE Organizational Report Templates
MANAGE People
MANAGE Queries in the Dispatch Solution
MANAGE the Organizational Structure
MONITOR Calls
RUN Aggregated Queries
VIEW the Organizational Structure
27. By default, the Service Units profile receives permission to the following privileges:
ACCESS the Dispatch Solution
ACCESS the Organization Module
MANAGE Calls
RUN Aggregated Queries
VIEW the Organizational Structure
28. By default, the Integration Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Integration Module
EXPORT and IMPORT Layers
MANAGE Audit Log
MANAGE Corporate Messages
MANAGE Queries in the Integration Module
REPLAY Conversation Recordings
RUN Aggregated Queries
SEND Text Messages
VIEW Live Camera Feeds
VIEW Recorded Images
29. By default, the Integration Module Users profile receives permission to the following privileges:
ACCESS the Integration Module
RUN Aggregated Queries
SEND Text Messages
VIEW Live Camera Feeds
VIEW Recorded Images
30. By default, the Event Managers profile receives permission to the following privileges:
ACCESS the Administration Module
ACCESS the Events Solution
CREATE Activities
CREATE Scheduled Events
DELETE Activities
DELETE Scheduled Events
EDIT Activities
EDIT Scheduled Events
GENERATE Scheduled Event Reports
MANAGE Corporate Messages
MANAGE Event Queries
MANAGE Scheduled Event Report Templates
VIEW Activities
VIEW Scheduled Events
31. By default, the Events Solution Users profile receives permission to the following privilege:
ACCESS the Events Solution
32. By default, the Intelligence Solution Managers profile receives permission to the following privileges:
ACCESS Perspectives of Reports from the Intelligence Solution
ACCESS the Administration Module
ACCESS the Intelligence Solution
EDIT Audience of Default Reports of the Intelligence Solution
MANAGE Access Rules
MANAGE Corporate Messages
MANAGE Intelligence Reports
MANAGE Perspectives of Reports of the Intelligence Solution
VIEW Default Reports of the Intelligence Solution
33. By default, the Intelligence Solution Users profile receives permission to the following privileges:
ACCESS Perspectives of Reports from the Intelligence Solution
ACCESS the Intelligence Solution
MANAGE Intelligence Reports
34. By default, the Data Analytics Module Managers profile receives permission to the following privileges:
ACCESS the Data Analytics Module
MANAGE Dashboards
MANAGE SQL Queries
35. By default, the Data Analytics Module Users profile receives permission to the following privileges:
ACCESS the Data Analytics Module
MANAGE Dashboards
Note 1: Permission to the “Access the XYZ Module/Solution” privilege does not grant any additional privileges. However, if permission to this privilege is removed from a profile, users included in it will no longer be able to access the module or solution or execute any of its functions, even if they have other privileges in the module or solution. This is then a privilege that takes precedence over the other more granular ones.
Note 2: The System Users profile by default receives permission to performed indexed searches. Any system user can then search the system, though only objects to which they have permission will be displayed in the results.
Note 3: When a new object is registered, the user becomes its author and, in exercising the role of author, will dynamically receive the permissions granted to the role. Roles cannot be granted permission to create objects, as the object has to first exist for them to be assigned to it.