Results app permissions

Privileges define the level of access, or permissions, that each user has across the Results app. Roles specify the level of access, or permissions, each user has within individual Collections.

Privileges vs. Roles

A privilege defines a user's global access across the app. There are two privileges available:

  • Results Admin can configure app settings and create collections
  • User no access to app settings and cannot create collections

System Admins with a Professional subscription are automatically granted Results Admin privileges. If you are not a System Admin, you must have a Professional subscription to be granted Results Admin privileges.

Roles apply within an individual collection. A single user may have a different role for each collection, and the role has no implication across the app:

Example

You are a Results Admin user and you create two collections. Your colleague Jill also uses Results, but she has User privileges for the app.

To grant her access to the collections you created, you assign her specific roles in each collection:

  • Collection 1 Professional User
  • Collection 2 Oversight Executive

In collection 1, Jill has full read and write access however her access to collection 2 is limited to read-only. Although she has varying levels of access within the collections, her app-wide privilege remains User .

Available roles

The following table lists the roles available. For a detailed list of actions per role, see Actions each role can perform.

Role Collection access Type of user

Professional Manager

Grants full read and write access to the collection and collection settings.

Note

Only users with Results Admin privileges can create collections, and they are automatically granted the Professional Manager role in all collections.

These users are typically responsible for determining the audit's focus.

Professional User

Grants full read and write access to the collection.

Users assigned the Professional User role report to managers, and have limited ability to create collections since they are not responsible for determining the audit's focus.

Oversight Executive

Grants limited read and write access to the collection.

Executives can be summarized as C-suite or Directors within a company that have overarching access to all records. They do not need to be involved in managing records but they can assign records to others. Essentially they have view access to collections, and no access to record maintenance.

Oversight Reviewer

Grants limited read-only access to the collection.

These users are typically external to the company, but are involved in reviewing records. For example, a person assigned the Oversight Reviewer role may be an auditor that has access to view records, but does not have access to create or edit records.

Contributor User

Grants limited read-only access to assigned records in the collection.

Clients are internal to the company and typically represent users that are responsible for providing proof for each record. In a typical audit setup, you can consider clients as being the individual departments that are being audited.

GRC professionals assign records to clients asking for information on a particular transaction. For example, a client might be an IT manager that now needs to provide proof that a employee's badge has been disabled. The IT manager might assign the records to his staff (another client) who is then responsible for the task.

No role

No access

These users may be Diligent One users, however, their only interaction with Results is responding to surveys or questionnaires.

Subscriptions and roles

Each user license has a subscription. Subscriptions define which roles are available in the app. For more information about subscriptions, see Managing licenses and subscription permissions.

Roles per subscription

Role Professional Oversight Contributor
Professional Manager
Professional User
Oversight Executive
Oversight Reviewer
Contributor User

Actions each role can perform

  •  = Read and write
  • = Read-only
  •  = Read and write on assigned records only
  •  = No access
Area Action Professional Manager Professional User Oversight Executive Oversight Reviewer Contributor User
Collections Edit or delete collections
Analyses and Data Analytics Manage or delete analyses and data analytics
Fields Delete individual fields
Delete all fields in a table
Records Import data
Process records (status, priority, assignee, send questionnaire)
Process records (workflow group assignment)
View records (includes comments and attachments)
Delete individual records
Delete all records in a table
Questionnaires Create questionnaires
Assign questionnaires
Manage surveys and event reports
Add default supporting files
Triggers Manage triggers
Interpretations and metrics Create and delete interpretations
Save changes to default interpretation
View interpretations
Create and delete metrics
View metrics

Results Lite users

Results Lite users have the same roles available as the corresponding full access subscription, but with limited volumes of data:

  • Results Lite Professional corresponds with Professional
  • Results Lite Contributor corresponds with Contributor

For more information about Results Lite access, see Access Results with ACL Robotics Professional Edition.

Assign privileges and roles

By default, new users are not assigned access to any of the collections. System Admins with a Professional subscription or Results Admins must assign users a specific privilege or role before they can work with collections.

Assign app privileges

  1. Open the Results app.
  2. From the navigation side panel on the Results home page, click Settings.
  3. On the left-hand side, click Users.

    A list of users display in alphabetical order.

  4. In the list of names, do one of the following:
    • Select Results Admin? for everyone you want to make a Results Admin
      Note

      Assigning the Results Admin privilege to a user automatically grants the user the Professional Manager role in all Collections.

    • Deselect Results Admin? for everyone you want to make a User

Assign roles for a collection

You can assign roles on a per-collection basis for most collections. Some system-generated collections, like the Reference collection, cannot be controlled this way.

  1. Open the Results app.
  2. In the collection row you want to modify, click More Options on the right, and click Members. The Manage Collection Members page opens, displaying a list of users in alphabetical order.

    Tip

    Use the search bar to filter the names in the list.

  3. To add a new user and specify a role:
    1. Click Add.
    2. Select the user from the list.
    3. From the Roles list, select the role.
    4. Click Save.
  4. To change the Collection access of an existing user, find the user in the list. In the right-hand column, from the Roles list, select the appropriate level of access.