Contributor roles in Projects

Users assigned a Contributor role (Contributor Manager, Contributor Tester, Contributor User) can collaborate with audit, risk, and compliance teams using the Contributor Dashboard.

How it works

The Contributor Dashboard presents a subset of information from the Projects app in a simplified and centralized view. Users assigned a Contributor role can use the Contributor Dashboard to manage information, such as:

  • updating narrative and control definitions
  • testing the design and operational effectiveness of controls
  • assisting with issue remediation activities
  • creating (Contributor Testers only) and responding to requests
  • following up on actions or to-dos
Note

The Contributor Dashboard only displays to users assigned the Contributor Manager, Contributor Tester, or Contributor User role. Users assigned other roles have access to additional tabs and functionality within a project.

Use cases

Use of the Contributor Manager, Contributor Tester, and Contributor User roles depends on the appetite of the Audit or SOX team and how much work they want to delegate back to the business.

  • In larger organizations, the Contributor Manager role is intended for managers that need to oversee narratives, controls, requests, and issue remediation.
  • In an Audit or SOX landscape where control testing is delegated to managers, the person responsible for testing controls is usually assigned the Contributor Tester role.
  • People that are responsible for performing control activities are typically assigned the Contributor User role.

Example

Administering access to an ITGC Audit

Scenario

You are a Professional Manager that needs to administer access to an ITGC Audit. An IT Director and IT staff member need access to the ITGC Audit.

The IT Director needs the ability to oversee all narratives, controls, requests, and issues. The IT staff member needs to be able to test controls, as the organization has decided to delegate control testing to functional business owners.

Process

To grant access to the ITGC Audit you created, you assign the following roles to each person:

  • IT Director Contributor Manager
  • IT staff member Contributor Tester

Finally, you assign specific control tests to the Contributor Tester.

Result

Each person is assigned the appropriate permissions and can begin working in Projects.

Contributor Manager access

When teams work with clients, they often also work with managers who need access to the entire project. Assigning a user as a Contributor Manager ensures that they have access to all items within a project, and enables them to follow-up with specific items, if necessary.

Note

  • Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
  • If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.

   = Read and write access for all items

*= Read and write access only for items they created

   = Respond-only access for items assigned to them

   = Read-only access for all items

* = Read-only access when control performance is enabled

= No access

Project item Contributor Manager access
Objectives
Narratives
Risks
Controls
Walkthroughs *
Tests
Published issues
Actions of published issues *
Requests
To-dos *

Contributor User access

Users assigned the Contributor User role only have access to items they have been assigned. Depending on their assigned part in the project (Control Owner, Action Owner, Issue Owner, etc.), users assigned the Contributor User role can have edit, read-only, or no access to individual items.

Levels of access

You can control Contributor User role access to project items on different levels:

Note

  • Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
  • If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.
Level Assigned part in the project Useful for...
Objectives
  • Objective Owner
  • Executive Owner
managers and executives that are responsible for an entire objective
Controls

Control Owner

employees that are only responsible for single controls

Published issues

Actions of published issues

  • Issue Owner
  • Issue Executive Owner
  • Project Owner
  • Action Owner
managers that are responsible for issues or employees that are responsible for actions (specific follow-up measures associated with an identified issue)
Requests Request Owner managers or employees responsible for fulfilling requests

Contributor User access

   = Write access

Note

* = Control Owners and Request Owners can only edit items assigned to them. 

** = Read and write access only for items they created

   = Respond-only access for items assigned to them

   = Read access

   = No access

  Item Assigned part in the project
  • Objective Owner
  • Executive Owner
Control Owner
  • Issue Owner
  • Issue Executive Owner
  • Project Owner
  • Action Owner
Request Owner
Objectives
Narratives
Risks
Controls
Walkthroughs
Tests

Published issues

Actions of published issues

**

Requests
To-dos

Contributor Tester access

Users assigned the Contributor Tester role have the same permissions as Contributor Users, with the addition of read and write access to walkthroughs and control tests they own, and the ability to create issues and requests.

Levels of access

You can control Contributor Tester role access to project items on different levels:

Note

  • Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
  • If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.
Level Assigned part in the project Useful for...
Objectives
  • Objective Owner
  • Executive Owner
managers and executives that are responsible for an entire objective
Controls

Control Owner

employees that are only responsible for single controls

Published issues

Actions of published issues

  • Issue Owner
  • Issue Executive Owner
  • Project Owner
  • Action Owner
managers that are responsible for issues or employees that are responsible for actions (specific follow-up measures associated with an identified issue)
Requests Request Owner managers or employees responsible for fulfilling requests

Contributor Tester access

   = Write access

Note

* = Control Owners can only edit items assigned to them.

** = Read and write access only for items they created

*** = Read, write, and delete access only for items they created; read and write access only for items they created or that are assigned to them

 = Respond-only access for items assigned to them

 = Read access

* = Read access for items assigned to them

   = No access

  Item Assigned part in the project
  • Objective Owner
  • Executive Owner
Control Owner
  • Issue Owner
  • Issue Executive Owner
  • Project Owner
  • Action Owner
Request Owner
Objectives
Narratives
Risks
Controls
Walkthroughs
Tests

Published issues

**

*

**

*

**

*

Actions of published issues

**

Requests *** *** *** ***
To-dos