HERE’S WHY
As a company you might need specific personnel to work on managing internal and external risks without having access to other sections of Drata. With the Risk Manager role you can give access to the Risk Management and the Vendor management in Drata without them accessing non-risk-related features.
BEFORE DIVING IN
The Risk Manager role is part of the Risk Management module.
Any current personnel can be assigned the role of Risk Manager.
The Risk Manager role can be assigned on its own OR in conjunction with other roles
An Information Security Lead without the Risk Manager role CANNOT access Risk Management.
The Admin role includes access to the Risk Management module.
Personnel with the Admin role do NOT need to be assigned the Risk Manager role too.
The Risk Manager role section only appears in Role Administration when the Risk Management feature is enabled for an account.
HERE’S HOW
Give Risk Management access by assigning the Risk Manager Role
Navigate to the Drata portal and log in as an Admin.
In the bottom left of your screen, select your company's logo and select 'Settings' and then select the 'Role Administration' tile.
Go to the 'Risk Managers' section and add any personnel who need to access the Risk Management module.
Restricted view: Limit the risk managers access to only the risks and tasks (including vendor risks and tasks) that they own.
