CISO Assistant
  • 👋Welcome to CISO Assistant
  • Guide
    • Installation
    • Understanding decoupling
    • General tips
    • Journeys
    • 🏗️Creating your first perimeter
    • ✅Creating your first Audit
    • 📊Creating your first risk assessment
    • 🔎Overview
    • 🧰Extra tools
    • 🌐External resources
    • Understand mapping
    • Glossary
    • Data import wizard
  • Features highlight
    • Controls autosuggestion
    • Multi-level support
    • Flash mode
    • Evidences from clipboard
    • Library upgrade
    • Mapping explorer
    • SSO
      • Microsoft Entra ID
      • Okta
      • Keycloak
      • Google Workplace
    • Setting up Multi-Factor Authentication (MFA)
  • Model
    • 📁Organization
      • Add and manage users
      • User Groups
    • ⚙️Context
    • 🏛️Governance
    • 💣Risk
    • 📋Compliance
  • Deployment
    • Prerequisites
    • Local
    • Remote/Virtualization
    • Deploy on a VPS
    • Frequent questions
    • Setting up mailer
    • Updating your local instance
    • Helm Chart
    • Special cases
    • Upgrading a library
  • ✨Customization
    • Getting your custom framework
    • CIS Controls
    • Changing the language
  • Contributing
    • Internationalization
      • Translating the interface
    • Submit a library
  • Academy
    • Overview
    • Third Parties Risk Management
    • Etude EBIOS RM
Powered by GitBook

Community

  • Github
  • Discord

intuitem

  • Home
  • SaaS trial

© intuitem, 2018-2024

On this page
  • Roles
  • Global user groups
  • Domain user groups

Was this helpful?

Export as PDF
  1. Model
  2. Organization

User Groups

User groups are built-in objects giving permissions to all users inside of them, with a specific role across a scope.

For now, it is not possible to create custom role assignments so you need to use built-in user groups. They are linking a domain with a role which contains precise permissions, that will be given to users in this group.

Roles

Let's give some details on the 5 built-in roles:

Role
Permissions

Administrator

full access (except approval), and specifically management of domains, users and users rights

Domain manager

full access to selected domains (except approval), in particular managing rights for these domains. Read access to global objects

Analyst

read-write access to selected perimeters/domains. Read access to global and domain objects

Auditor

read access to selected perimeters/domains

Approver

like reader, but with additional capability to approve risk acceptances

Django superuser is given administrator rights automatically on startup.

Global user groups

Once your instance is created, three user groups are already present:

  • Global - Administrator

  • Global - Approver

  • Global - Auditor

They give corresponding permissions on Global scope so on every object of your instance.

Domain user groups

They are created for each domain you add. For example, if you create a domain R&D, there will be:

  • R&D - Domain Manager

  • R&D - Analyst

  • R&D - Approver

  • R&D - Auditor

They give corresponding permissions on the domain scope so on every object inside R&D.

PreviousAdd and manage usersNextContext

Last updated 2 months ago

Was this helpful?

📁