Access the User Management Page to create and edit users. To tailor each user's access to certain platform functionalities, assign them one or more appropriate roles.
User Roles and Notifications
Account Administrator
This role is for the primary user(s) of the ProcessUnity Exchange platform and requires administrative access to all functions.
Details:
- Granted all platform permissions.
- Multiple users can have this role. There must always be at least one user with this role.
- This is the only role that can grant other users the Account Administrator role and remove users from it.
Platform User Manager
This role is for users who may be responsible for adding or editing user accounts within your organization but are not required to receive the platform notifications associated with the Account Administrator role.
Details:
- Able to add, deactivate, and modify your organization’s user accounts and specific user permissions.
- Able to assign API tokens to other users in the company account.
- Unable to assign or revoke Account Administrator role (See Account Administrator).
Assessment Owner
This role is for users who are primary contributors responsible for completing your organization's ProcessUnity GRX assessment.
Details:
- The primary point of contact when completing the ProcessUnity GRX assessment.
- Responsible for submission of the ProcessUnity Exchange questionnaire and for initiating validation rounds.
- Able to upload and manage evidence documents
- The primary point of contact for the validation process, when applicable.
- Does not receive requests or have rights to authorize the release of assessment data (see Data Request Authorizer or Customer Portfolio Manager).
Assessment Contributor
This role is for users who are supporting or primary contributors responsible for completing the ProcessUnity GRX assessment.
Details:
- Able to contribute to completing the assessment but cannot submit a completed assessment, nor can they initiate a validation round.
- Able to upload and manage evidence documents
- Does not receive platform notifications regarding assessment progress or updates.
- Does not receive requests or have rights to authorize the release of assessment data (see Data Request Authorizer or Customer Portfolio Manager).
Data Request Authorizer
This role is for users who are the primary contacts responsible for responding to customer requests for your organization's security assessment data.
Details:
- Receives email notifications when a customer requests your organization’s ProcessUnity GRX report.
- Able to approve or deny access to the ProcessUnity GRX report and all associated assessment results for your organization.
- Able to proactively share your organization’s ProcessUnity GRX assessment results with specified customers.
- Able to answer and make changes to control answers but not have rights to submit your assessment (see Assessment Owner).
Customer Portfolio Manager
This role is for users responsible for managing your company's customer ecosystem, customer requests, and updates to your company's risk posture and profile in the Exchange.
Details:
- Able to approve or deny access to your company's ProcessUnity GRX Report and all associated assessment results.
- Able to proactively share your organization’s ProcessUnity GRX assessment results with specified customers.
- Able to answer and make changes to control answers but not have rights to submit your assessment (see Assessment Owner).
Third-Party Portfolio Manager
This role is for users primarily responsible for building out your company's third-party Ecosystem, managing relationship data, and requesting security assessments from third parties.
Details:
- Only available for customers of ProcessUnity GRX.
- Able to add third-party companies to your organization's ecosystem.
- Able to edit third-party organization’s contact information and risk tiering.
- Able to edit Auto Inherent Risk/ Impact Questionnaire answers for all third parties in your ecosystem.
- Able to request access to third party's ProcessUnity GRX data and accept access to the third party's ProcessUnity GRX data.
Business Relationship Manager
This role is for users who may be supporting the activities carried out by the Third-Party Portfolio Manager.
Details:
- Only available for customers of ProcessUnity GRX.
- Able to add third-party companies to your organization's ecosystem.
- Able to edit third-party organization’s primary activity, contact information, and risk tiering.
- Able to edit Auto Inherent Risk/ Impact Questionnaire answers for all third parties in your ecosystem.
- Able to request access to the ProcessUnity GRX data of third parties in your organization's ecosystem.
- Able to view Share Invitations from third parties in your organization's ecosystem.
Read Only Role
This role is for users who do not need to be able to request data, authorize data access, or edit data for the company's profile.
Details:
- Only available for customers of ProcessUnity GRX
- Default role for new SSO users
- Applicable to Customer and/or Third Party users
- User will not receive any Platform notifications or alerts