Contributor roles in Projects
Users assigned a Contributor role (Contributor Manager, Contributor Tester, Contributor User) can collaborate with audit, risk, and compliance teams using the Contributor Dashboard.
How it works
The Contributor Dashboard presents a subset of information from the Projects app in a simplified and centralized view. Users assigned a Contributor role can use the Contributor Dashboard to manage information, such as:
- updating narrative and control definitions
- testing the design and operational effectiveness of controls
- assisting with issue remediation activities
- creating (Contributor Testers only) and responding to requests
- following up on actions or to-dos
The Contributor Dashboard only displays to users assigned the Contributor Manager, Contributor Tester, or Contributor User role. Users assigned other roles have access to additional tabs and functionality within a project.
Use cases
Use of the Contributor Manager, Contributor Tester, and Contributor User roles depends on the appetite of the Audit or SOX team and how much work they want to delegate back to the business.
- In larger organizations, the Contributor Manager role is intended for managers that need to oversee narratives, controls, requests, and issue remediation.
- In an Audit or SOX landscape where control testing is delegated to managers, the person responsible for testing controls is usually assigned the Contributor Tester role.
- People that are responsible for performing control activities are typically assigned the Contributor User role.
Example
Administering access to an ITGC Audit
Scenario
You are a Professional Manager that needs to administer access to an ITGC Audit. An IT Director and IT staff member need access to the ITGC Audit.
The IT Director needs the ability to oversee all narratives, controls, requests, and issues. The IT staff member needs to be able to test controls, as the organization has decided to delegate control testing to functional business owners.
Process
To grant access to the ITGC Audit you created, you assign the following roles to each person:
- IT Director Contributor Manager
- IT staff member Contributor Tester
Finally, you assign specific control tests to the Contributor Tester.
Result
Each person is assigned the appropriate permissions and can begin working in Projects.
Contributor Manager access
When teams work with clients, they often also work with managers who need access to the entire project. Assigning a user as a Contributor Manager ensures that they have access to all items within a project, and enables them to follow-up with specific items, if necessary.
Note
- Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
- If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.
= Read and write access for all items
*= Read and write access only for items they created
= Respond-only access for items assigned to them
= Read-only access for all items
* = Read-only access when control performance is enabled
= No access
| Project item | Contributor Manager access |
|---|---|
| Objectives |
|
| Narratives |
|
| Risks |
|
| Controls |
|
| Walkthroughs |
*
|
| Tests |
|
| Published issues |
|
| Actions of published issues | *
|
| Requests |
|
| To-dos | *
|
Contributor User access
Users assigned the Contributor User role only have access to items they have been assigned. Depending on their assigned part in the project (Control Owner, Action Owner, Issue Owner, etc.), users assigned the Contributor User role can have edit, read-only, or no access to individual items.
Levels of access
You can control Contributor User role access to project items on different levels:
Note
- Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
- If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.
| Level | Assigned part in the project | Useful for... |
|---|---|---|
| Objectives |
|
managers and executives that are responsible for an entire objective |
| Controls |
Control Owner |
employees that are only responsible for single controls |
|
managers that are responsible for issues or employees that are responsible for actions (specific follow-up measures associated with an identified issue) | |
| Requests | Request Owner | managers or employees responsible for fulfilling requests |
Contributor User access
= Write access
* = Control Owners and Request Owners can only edit items assigned to them.
** = Read and write access only for items they created
= Respond-only access for items assigned to them
= Read access
= No access
| Item | Assigned part in the project | |||
|---|---|---|---|---|
|
Control Owner |
|
Request Owner | |
| Objectives |
|
|
|
|
| Narratives |
|
|
|
|
| Risks |
|
|
|
|
| Controls |
|
*
|
|
|
| Walkthroughs |
|
|
|
|
| Tests |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Requests |
|
|
|
*
|
| To-dos |
|
|
|
|
Contributor Tester access
Users assigned the Contributor Tester role have the same permissions as Contributor Users, with the addition of read and write access to walkthroughs and control tests they own, and the ability to create issues and requests.
Levels of access
You can control Contributor Tester role access to project items on different levels:
Note
- Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
- If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.
| Level | Assigned part in the project | Useful for... |
|---|---|---|
| Objectives |
|
managers and executives that are responsible for an entire objective |
| Controls |
Control Owner |
employees that are only responsible for single controls |
|
managers that are responsible for issues or employees that are responsible for actions (specific follow-up measures associated with an identified issue) | |
| Requests | Request Owner | managers or employees responsible for fulfilling requests |
Contributor Tester access
= Write access
* = Control Owners can only edit items assigned to them.
** = Read and write access only for items they created
*** = Read, write, and delete access only for items they created; read and write access only for items they created or that are assigned to them
= Respond-only access for items assigned to them
= Read access
* = Read access for items assigned to them
= No access
| Item | Assigned part in the project | |||
|---|---|---|---|---|
|
Control Owner |
|
Request Owner | |
| Objectives |
|
|
|
|
| Narratives |
|
|
|
|
| Risks |
|
|
|
|
| Controls |
|
*
|
|
|
| Walkthroughs |
|
*
|
|
|
| Tests |
|
*
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Requests | ***
|
***
|
***
|
***
|
| To-dos |
|
|
|
|
