Results app permissions
Privileges define the level of access, or permissions, that each user has across the Results app. Roles specify the level of access, or permissions, each user has within individual Collections.
Privileges vs. Roles
A privilege defines a user's global access across the app. There are two privileges available:
- Results Admin can configure app settings and create collections
- User no access to app settings and cannot create collections
System Admins with a Professional subscription are automatically granted Results Admin privileges. If you are not a System Admin, you must have a Professional subscription to be granted Results Admin privileges.
Roles apply within an individual collection. A single user may have a different role for each collection, and the role has no implication across the app:
Example
You are a Results Admin user and you create two collections. Your colleague Jill also uses Results, but she has User privileges for the app.
To grant her access to the collections you created, you assign her specific roles in each collection:
- Collection 1 Professional User
- Collection 2 Oversight Executive
In collection 1, Jill has full read and write access however her access to collection 2 is limited to read-only. Although she has varying levels of access within the collections, her app-wide privilege remains User .
Available roles
The following table lists the roles available. For a detailed list of actions per role, see Actions each role can perform.
| Role | Collection access | Type of user |
|---|---|---|
|
Professional Manager |
Grants full read and write access to the collection and collection settings. Note Only users with Results Admin privileges can create collections, and they are automatically granted the Professional Manager role in all collections. |
These users are typically responsible for determining the audit's focus. |
|
Professional User |
Grants full read and write access to the collection. |
Users assigned the Professional User role report to managers, and have limited ability to create collections since they are not responsible for determining the audit's focus. |
|
Oversight Executive |
Grants limited read and write access to the collection. |
Executives can be summarized as C-suite or Directors within a company that have overarching access to all records. They do not need to be involved in managing records but they can assign records to others. Essentially they have view access to collections, and no access to record maintenance. |
|
Oversight Reviewer |
Grants limited read-only access to the collection. |
These users are typically external to the company, but are involved in reviewing records. For example, a person assigned the Oversight Reviewer role may be an auditor that has access to view records, but does not have access to create or edit records. |
|
Contributor User |
Grants limited read-only access to assigned records in the collection. |
Clients are internal to the company and typically represent users that are responsible for providing proof for each record. In a typical audit setup, you can consider clients as being the individual departments that are being audited. GRC professionals assign records to clients asking for information on a particular transaction. For example, a client might be an IT manager that now needs to provide proof that a employee's badge has been disabled. The IT manager might assign the records to his staff (another client) who is then responsible for the task. |
|
No role |
No access |
These users may be Diligent One users, however, their only interaction with Results is responding to surveys or questionnaires. |
Subscriptions and roles
Each user license has a subscription. Subscriptions define which roles are available in the app. For more information about subscriptions, see Managing licenses and subscription permissions.
Roles per subscription
| Role | Professional | Oversight | Contributor |
|---|---|---|---|
| Professional Manager |
|
|
|
| Professional User |
|
|
|
| Oversight Executive |
|
|
|
| Oversight Reviewer |
|
|
|
| Contributor User |
|
|
|
Actions each role can perform
-
= Read and write
-
= Read-only -
= Read and write on assigned records only -
= No access
| Area | Action | Professional Manager | Professional User | Oversight Executive | Oversight Reviewer | Contributor User |
|---|---|---|---|---|---|---|
| Collections | Edit or delete collections |
|
|
|
|
|
| Analyses and Data Analytics | Manage or delete analyses and data analytics |
|
|
|
|
|
| Fields | Delete individual fields |
|
|
|
|
|
| Delete all fields in a table |
|
|
|
|
|
|
| Records | Import data |
|
|
|
|
|
| Process records (status, priority, assignee, send questionnaire) |
|
|
|
|
|
|
| Process records (workflow group assignment) |
|
|
|
|
|
|
| View records (includes comments and attachments) |
|
|
|
|
|
|
| Delete individual records |
|
|
|
|
|
|
| Delete all records in a table |
|
|
|
|
|
|
| Questionnaires | Create questionnaires |
|
|
|
|
|
| Assign questionnaires |
|
|
|
|
|
|
| Manage surveys and event reports |
|
|
|
|
|
|
| Add default supporting files |
|
|
|
|
|
|
| Triggers | Manage triggers |
|
|
|
|
|
| Interpretations and metrics | Create and delete interpretations |
|
|
|
|
|
| Save changes to default interpretation |
|
|
|
|
|
|
| View interpretations |
|
|
|
|
|
|
| Create and delete metrics |
|
|
|
|
|
|
| View metrics |
|
|
|
|
|
Results Lite users
Results Lite users have the same roles available as the corresponding full access subscription, but with limited volumes of data:
- Results Lite Professional corresponds with Professional
- Results Lite Contributor corresponds with Contributor
For more information about Results Lite access, see Access Results with ACL Robotics Professional Edition.
Assign privileges and roles
By default, new users are not assigned access to any of the collections. System Admins with a Professional subscription or Results Admins must assign users a specific privilege or role before they can work with collections.
Assign app privileges
- Open the Results app.
- From the navigation side panel on the Results home page, click Settings.
Assign roles for a collection
You can assign roles on a per-collection basis for most collections. Some system-generated collections, like the Reference collection, cannot be controlled this way.
- Open the Results app.
- In the collection row you want to modify, click More Options
on the right, and click Members. The Manage Collection Members page opens, displaying a list of users in alphabetical order.Tip
Use the search bar to filter the names in the list.
- To add a new user and specify a role:
- Click Add.
- Select the user from the list.
- From the Roles list, select the role.
- Click Save.
- To change the Collection access of an existing user, find the user in the list. In the right-hand column, from the Roles list, select the appropriate level of access.
