Viewer
A Risk Viewer / Creator can:
- Search and view all risks, except for masked risks – unless they are a named contacts
- Access the risk console
- Mark a risk as masked
- Edit the fields, documents, notes, actions and links of an existing risk, except for approved process stages
- and fields specified in the “can't” list below.
Contributor
In addition to what a Viewer can do, a Risk Contributor can:
- Create a manual snapshot of the risk
- View the Cost Tab and the Cost Calculator Audit Tile
- Submit a process stage approval request
- Submit a toleration request
- Unlock an approved stage for editing
- Create a risk
- Can edit the risk owner
Verifier
In addition to what a Risk Contributor can do, a Risk Verifier can:
- Reject a risk
- Apply the 4th shield of approval
- Reject a request to apply the 4rth shield
- Can apply oversight button
Owner
In addition to what a Risk Verifier can do, a Risk Owner can:
- Edit the Risk Review Date and provide an Executive Summary
- Close a risk
- Change the risk owner
Oversight
In addition to what a Risk Owner can do, a Risk Oversight (BRM) can:
- Mark risks as Divisional and link divisional children risks
- Can access / edit a divisional risk
- Restore a risk
- Tolerate a risk and reject a toleration request
Tolerator
This is an add-on system role. It must be given to all risk tolerators, regardless of whether they already have
permissions to tolerate though another system role.
On its own, the Risk Tolerator role will not give a user view or other permissions to the risk module, it must
always be used together with another Risk system role.
Admin
The Administrator has all of the permissions described above, plus access to the Admin
pages.
The risk-specific menu item can be found under Site Admin and is called Risk Impact Admin. From this
page one can manage impact categories, likelihood, RAG, Risk Matrix and help text for the Risk module.
This is addition to the rest of the ARC administration, including but not limited to managing users,