Permissions in Vanta

  • Updated

Vanta allows three different permission sets to be assigned to users, and each user type holds a specific set of permissions for the assigned person within the Vanta Platform. To learn more about how to add Editor and Admin privileges in Vanta, visit here.

Employee Role

Employees are the default state in Vanta for users without the Admin or Editor role. This role allows employees to accept policies, complete required training, and register the Vanta Agent. These users have a limited view of the app that shows tasks needed for onboarding and a point of contact.

  • This role cannot access the dashboard to see tests, documents, policies, and other settings. There are a few exceptions where the user might see a limited view of the dashboard if they are assigned as an owner on a particular task, such as in a risk assessment or access review
  • This permission is automatically given to individuals added to the People page manually or through an identity provider integration.

Editor Role

Users with this role assignment have access to all Vanta capabilities except the following:

  • Employee’s sensitive data (such as background checks)
  • Documents marked with the Sensitive tag
  • Adding auditors
  • Changing user permission levels in Settings
  • Snoozing/uploading frameworks

Examples of restricted documents include:

  • Board of Directors meeting
  • Background checks
  • Exit interview
  • Org chart
  • Performance evaluations
  • Contractor Agreement
  • Employee agreement

Administrator Role

  • The Administrator permissions grant users access to all Vanta capabilities with no restrictions

Sales Admin

  • Can view basic information and manage external access to your organization's Trust Center.
  • Can complete questionnaires using information from the knowledge base.
  • Cannot approve answers in questionnaires or edit the knowledge base.

 

Auditor Permissions

Auditors will need access to certain information during a compliance audit to verify your security practices.  Learn how to manage your audit and add audit firms, here.

Auditors can:

  • View data in Vanta

Auditors can not:

  • Add or modify users