Permissions in Vanta

  • Updated

Vanta allows three different permission sets to be assigned to users, and each user type holds a specific set of permissions for the assigned person within the Vanta Platform. To learn more about how to add Editor and Admin privileges in Vanta, visit here.

 

Employee Role

Employees are the default state in Vanta for users without the Admin or Editor role. This role allows employees to accept policies, complete required training, and register the Vanta Agent. These users have a limited view of the app that shows tasks needed for onboarding and a point of contact.

  • This role cannot access the dashboard to see tests, documents, policies, and other settings. There are a few exceptions where the user might see a limited view of the dashboard if they are assigned as an owner on a particular task, such as in a risk assessment or access review
  • This permission is automatically given to individuals added to the People page manually or through an identity provider integration.

 

Editor Role

Users with this role assignment have access to all Vanta capabilities except the following:

  • Employee’s sensitive data (such as background checks)
  • Documents marked with the Sensitive tag
  • Adding auditors
  • Changing user permission levels in Settings
  • Snoozing/uploading frameworks

Examples of restricted documents include:

  • Board of Directors meeting
  • Background checks
  • Exit interview
  • Org chart
  • Performance evaluations
  • Contractor Agreement
  • Employee agreement

 

Administrator Role

  • The Administrator permissions grant users access to all Vanta capabilities with no restrictions

 

Auditor Permissions

During a compliance Audit, auditors will need access to certain information to verify your security practices.  

To add your Auditor:
  • Open Settings
  • Select Users & Permissions, then the Auditors tab
  • Choose the audit firm you are working with, and select Add

Auditors can:

  • View data in Vanta

Auditors can not:

  • Add or modify users 

 

Was this article helpful?

Have more questions? Submit a request