Vanta allows three different permission sets to be assigned to users, and each user type holds a specific set of permissions for the assigned person within the Vanta Platform. To learn more about how to add Editor and Admin privileges in Vanta, visit here.

Standard User Role

Standard users are the default state in Vanta for users without the Admin or Editor role. The standard user role allows employees to accept policies, complete required training, and register the agent. Standard users have a limited view of the app that shows tasks needed for onboarding and a point of contact.

• The standard user role cannot access the dashboard to see tests, documents, policies, and other settings. There are a few exceptions where the user might see a limited view of the dashboard if they are assigned as an owner on a particular task, such as in a risk assessment or access review
• A standard user is the permission automatically given to individuals added to the People page manually or through an identity provider integration.

Editor Role

Users with this role assignment have access to all Vanta capabilities except:

• employee’s sensitive data (such as background checks)
• documents marked with the Sensitive tag
• adding auditors
• changing user permission levels in Settings
• snoozing/uploading frameworks

Examples of restricted documents include:

• Board of directors meeting
• Background checks
• Exit interview
• Org chart
• Performance evaluations
• Contractor Agreement
• Employee agreement

Administrator Role

The Administrator permissions grant users access to all Vanta capabilities with no restrictions.

Auditor Permissions

During a compliance Audit, auditors will need access to certain information to verify your security practices.  

• Open Settings
• Select Users & Permissions 
• Choose the audit firm you are working with, and select Add

Auditor Permissions

Auditors can:

• View data in Vanta

Auditors can not:

• View sensitive employee data
• Documents
• Integrations
• Add or modify users