All users with access to Impero can create users. All users with the role “User administrator” can invite users to Impero (external stakeholders such as auditors etc.) and delete users from Impero. The user administrator can also create and edit user groups and grant user roles to other users (it is only possible to grant the same or lower roles to the user).
All users with the role “Tag administrator” can create and edit tags in Impero. It is important to notice that Impero has a shared “tag catalog” across the entire environment so changes in the tag catalog may affect other business areas. Impero recommend limiting this role to a few users.
Risk map manager:
All users with the role “Risk map manager” can create new risk maps. Access to the different risk maps is set with the same terminology as with control programs (edit/view and view access).
All users with the role “Risk map manager” can create new controls and control programs. If a user is granted “Edit/view” access to a program, the user can edit already exiting controls within that program, but the user cannot create new controls.