Secureframe comes standard with Super Admin, Admin and Auditor roles. In addition, Super Admins can create Custom Roles to create access for specific access to areas of the platform.

Super Admin Role Permissions

A Secureframe Super Admin is the highest level of access, which includes read and write access to the following components:

• Company Onboarding
• Company Settings
• Dashboard
• Tests
• Personnel
• Asset Inventory
• Policies
• Integrations
• Vendors
• Vendor Access
• Risk Management
• Reports
• Data Room
• Questionnaires
• Knowledge Base
  

In addition, the Super Admin role includes the following privileges:

• View sensitive data and protected files such as background check reports and performance review reports
• The ability to create, assign, or change access roles for personnel 
• Configure SSO authentication and alternate sign-in methods

We would recommend only selecting one or two users from your organization to be a Secureframe Super Admin. This is usually an executive or leader at an organization who should have the ability to view protected files and grant users access. 

Admin Role Permissions

A Secureframe Admin is the 2nd highest level of access, which includes read and write access to the following components:

• Company Onboarding
• Company settings
• Dashboard
• Tests
• Personnel
• Asset Inventory
• Policies
• Integrations
• Vendors
• Vendor access
• Risk management
• Reports
• Data Room
• Questionnaires
• Knowledge Base
  

The Admin role does NOT have data access to:

• View sensitive data and protected files such as background check reports and performance review reports
• The ability to create, assign, or change access roles for personnel 
• Configure SSO authentication and alternate sign-in methods

Auditor Role Permissions

The Secureframe Auditor role is a read only role primarily reserved for audit partners. 

App Access (View/read only and Exports)

• Company settings
• Dashboard
• Tasks 
• Tests
• Controls
• Frameworks
• Personnel
• Asset Inventory
• Policies
• Vulnerabilities
• Integrations
• Vendors
• Vendor access
• Risk Management
• Data Room
• Questionnaires
• Knowledge Base
• Trust Center

Custom Admin Roles

Custom roles are designed to allow restricted access to specific functions within the Secureframe application. 

Note: Only Super Admins can create Custom roles.

Frequently Asked Questions (FAQ)

What is the difference between Super Admin and Admin role?

• Super Admin role has access to everything and is the highest level of access in Secureframe.
• The Admin role is different in that Admins cannot view sensitive data and protected files such as background check reports and performance review reports. The Admin role does not have the ability to create, assign, or change access roles for personnel.
• The Admin role cannot Configure SSO authentication for alternate sign-in methods.

What are some examples of a Custom Role?

• A common example of a custom role would be a Human Resource Role with access to Personnel, Policies and Onboarding. 
• Anyone with this access role would have read and write access to the 3 associated modules (ex, Personnel, Policies and Onboarding) listed in the above example, and would not have access to any other area of the platform.