Skip to main content

Workspace Manager overview (New Experience)

Updated this week

πŸ’‘ Still using the classic Drata experience? Refer to RBAC - Workspace Manager Role for the original UI.

The Workspace Manager role is designed for users who manage day-to-day compliance work within specific workspaces. Workspace Managers can oversee compliance activities only in the workspace(s) they are assigned to.

Prerequisites

Before you can assign Workspace Managers, the following requirements must be met:

  • Workspaces must be enabled in your Drata account

  • Workspaces is an add-on feature

  • Contact your Customer Success team to enable Workspaces

  • Only Admins can assign or remove Workspace Managers

Assign a Workspace Manager

Admins can assign Workspace Managers through the Workspaces settings.

  1. Go to Settings β†’ Workspaces

  2. Select the workspace you want to manage

  3. In the Managers section, select Edit

  4. Add or remove Workspace Managers as needed

  5. (Optional) Enable Read-only permission

  6. Select Save

From this page, you can also update existing Workspace Managers, assign read-only permissions, or remove them as workspace managers.

Notes:

  • You can assign multiple Workspace Managers to the same workspace

  • A workspace does not require a Workspace Manager

Read-Only Workspace Managers

Workspace Managers can optionally be granted read-only access if they should view or download information without making changes.

The table below summarizes common Workspace Manager permissions. Actual access may vary depending on enabled features and configuration.

Permission

Standard

Read-only

View workspace pages (Dashboard, Controls, Frameworks, Monitoring, Audits, and more)

βœ… Yes

βœ… Yes

Download reports and evidence from Events, Evidence, and Audits

βœ… Yes

βœ… Yes

Create and edit controls

βœ… Yes

❌ No

Edit frameworks and requirement scope (including custom frameworks)

βœ… Yes

❌ No

Run monitoring tests and manage notifications

βœ… Yes

❌ No

View events and download test evidence for their workspace(s)

βœ… Yes

βœ… Yes

Upload or edit evidence

βœ… Yes

❌ No

Manage audits (assign auditors, send requests, create audits)

βœ… Yes

❌ No

Complete and assign risk assessments

βœ… Yes

❌ No

Manage risks

βœ… Yes

❌ No

Manage vendors

βœ… Yes

❌ No

Manage assets

βœ… Yes

❌ No

View and edit personnel records

βœ… Yes

❌ No

Create, edit, and manage policies

βœ… Yes

❌ No

View connections that are workspace aware and re-sync findings

βœ… Yes

❌ No

Create and manage tickets for controls and tests (if ticketing write access is enabled)

βœ… Yes

❌ No

Create and manage tasks in their assigned workspace(s)

βœ… Yes

πŸ‘€ Yes, View only

Manage company-level workspace settings (create/delete workspaces, assign managers, configure frameworks)

❌ No
​
(Admin only)

❌ No

Did this answer your question?