PrivacyCentral User Roles & Permissions

Prerequisites

The customer account must have the following applications and services enabled:

Dashboard
Organization Hierarchy
Account Customizations
Intelligent Assessments
My Company Info
Operational Templates
Attestor 2.0
Setting Permission Profiles

Account Administrators can set the roles for their organization's users under Permission Profile. From the left side of the page, navigate to Admin > User Settings (1) > Permission Profiles (2), and then click Add New Permission Profile (3).

Admin navigation showing User Settings, Permission Profiles, and Add New Permission Profile

Each enabled application or service appears as its own permission section when creating a profile:

Dashboard
Permission profile settings for the Dashboard application
Organization Hierarchy
Permission profile settings for Organization Hierarchy
Account Customizations
Permission profile settings for Account Customizations
Intelligent Assessments
Permission profile settings for Intelligent Assessments
My Company Info
Permission profile settings for My Company Info
Operational Templates
Permission profile settings for Operational Templates
Attestor 2.0
Permission profile settings for Attestor 2.0
PrivacyCentral Application and Roles Matrix

The grids in the table below define the possible user roles and specific permissions on various applications by role. The columns contain the names of the roles, while the rows contain the applications as well as the activities or system operations described.

The following are the roles and permissions available for PrivacyCentral:

Activity / Application User
(Assignee /
Respondent)
Reviewer Admin Admin Reviewer Super Admin Privacy Admin API No Access Program Manager
Dashboard
Access
Users can access Dashboard and Risk Profile
Note: Cannot view and navigate the PrivacyCentral pages.
 
All Program Manager rights plus AM Data Extraction API feature and the Settings page
Note: Customer with dashboard and API support. Cannot view and navigate the PrivacyCentral pages.
 
All Privacy Admin and Admin rights plus News Upload and Reset PrivacyCentral features
Note: Only TrustArc employees can be Super Admin.

All Program Manager rights plus PrivacyCentral menu (Roadmap & Scan pages) and the Settings page
Note: Customers with PrivacyCentral.
No dashboard access, only AM Data Extraction API access
Note: Customer with API support only. Cannot view and navigate the PrivacyCentral pages.
No access
Can access all widgets, including reports, if the application is enabled for the account
Note: Customers with dashboard access but no API access. Cannot view and navigate the PrivacyCentral pages.
My Company Info
Can create / modify company info
Can view but cannot submit.
Note: Customer AAA Admin can assign user roles.
 
Note: Currently all customers are Admins.
 
All Admin rights, plus Clear-All feature.
Note: Only TrustArc employees can be Super Admin.
    No access
Create accountability mechanisms in the questionnaire process    
Note: Only TrustArc employees can be Super Admin.
    No access
Create accountability mechanisms in the Policy and Standards Library    
Note: Only TrustArc employees can be Super Admin.
    No access
Intelligent Assessment
Change the intelligent assessment settings           No access
Make configuration changes for PrivacyCentral settings    
Note: TBD if able to reassign tasks.
      No access
View all questionnaire tasks and complete the assessment
Note: Only if the question is assigned to this user.

Note: TBD if able to reassign tasks.
      No access
Answer questions and submit them       No access
View all Improvement tasks if there is a task assigned
Note: Only if the task is assigned to this user.

Note: Only if the task is assigned to this user.

Note: TBD if able to reassign tasks.
      No access
Reassign / edit due date / add attachment to Improvement task  
Note: TBD if able to reassign tasks.

Note: TBD if able to reassign tasks.
      No access
Set priority / change state to In Progress or Ready for Review (Improvement task)
Note: Only if the task is assigned to this user.
 
Note: Only if the task is assigned to this user.
        No access
Approve a remediation task    
Note: TBD if able to reassign tasks.
      No access
View all manual tasks if there is a task assigned
Note: Only if the task is assigned to this user.

Note: Only if the task is assigned to this user.

Note: TBD if able to reassign tasks.
      No access
Reassign / edit / attach due date to a manual task  
Note: TBD if able to reassign tasks.

Note: TBD if able to reassign tasks.
      No access
Set priority / change state to In Progress or Ready for Review (manual task)
Note: Only if the task is assigned to this user.
 
Note: Only if the task is assigned to this user.
        No access
Approve a manual task  
Note: TBD if able to reassign tasks.

Note: TBD if able to reassign tasks.
      No access
Create accountability mechanisms in the questionnaire process       No access
Create accountability mechanisms in the Policy and Standards Library       No access
Approve controls and laws / Assurance program / attestation            
Start revalidation          
Attestor 2.0
Create custom Attestor Standard
Can view but cannot take any action
          No access
Archive Attestor             No access
View audit logs             No access
Publish / unpublish / edit attestation              
Organization Hierarchy
Create org units within Org Hierarchy and set up user access      
Note: Only TrustArc employees can be Super Admin.
    No access
Can view organization units and hierarchy    
Note: Only TrustArc employees can be Super Admin.
    No access
Can add users in the account to the primary entity or organization units after the org units are created, including all organization unit locations (employee & business)      
Note: Only TrustArc employees can be Super Admin.
    No access
TrustArc  ·  PrivacyCentral Application and Roles Matrix  ·  https://www.trustarc.com