Skip to main content
Admins overview

Admins have unrestricted access to Drata. Learn more about admin role, permissions, and functionality in Drata.

Jane Baik avatar
Written by Jane Baik
Updated over a week ago

Admins have unrestricted access to the Drata. Admins can not remove themself as an admin and do not need to be assigned to other roles because they have unrestricted access.

In this help article, learn and discover the functionalities available to admin roles within Drata.

Manage roles in Drata

Only admins can assign, change, or remove roles for a personnel. They can also customize the level of access for each personnel.

To manage roles, go to the ‘Role Administration’ page under the company settings.

Or, navigate directly from the 'Quick Start' under 'Assign user roles' in the 'Prepare for employee onboarding'

Assign a role

To learn how to assign Guest Administrators roles, go to RBAC - Manage a Guest Administrators.

To learn how to assign Workspace manager roles, go to RBAC - Workspace Manager Role.

For other roles, on the Role Administration page, enter the name of the personnel under the desired role to add that personnel. Admins can also customize the level of permission each personnel has. They can toggle on and off 'Read only' and 'Restricted view' permissions. If there is an ellipse instead of an add button, the personnel might have already been assigned that role.

Read only

When enabled for a personnel, the personnel can only view, filter, and download the data on the pages available to the role. They cannot modify the data or do certain actions available on that page. Read only is disabled by default.

Restricted view

A control manager that has restricted view toggled on can only access the controls that they own and are assigned to for tasks or required approvals. A risk manager that has restricted view toggled on can only access the risks they own and are assigned to for tasks.

Restricted view is enabled by default and only available for control managers and risk managers.​ Toggle the restricted view off to allow control managers to access all controls and risk managers to access all risks.

The following image showcases a personnel that is a control manager who has both read-only and restricted view enabled.

showcases a personnel that is a control manager who has both read-only and restricted view enabled.

Change a personnel’s role

Note: When you change a personnel's role, you are assigned the objects (like controls or tasks) that the personnel loses access to due to the role change. You can verify what the personnel has access to under the 'Roles and responsibilities' column.

On the ‘Role Administration’ page, go to the role you would like to update, search for the name of the personnel and select the ellipse and then select 'Change roles'.

Then, on the confirmation modal, select the new role for the personnel. If a certain role is not displayed, the personnel might have already been assigned that role.

Remove a personnel from a role

Note: When you remove a personnel from a role, you are assigned the objects (like controls or tasks) that the personnel loses access to due to the role change. You can verify what the personnel has access to under the 'Roles and responsibilities' column.

On the ‘Role Administration’ page, go to the role you would like to remove the personnel from, enter the name of the personnel, and select the ellipse and then select 'Remove user'. On the confirmation modal, confirm that you would like to remove the personnel from the role.

Admins access

Admins have access to the entire app. The following list displays the sections on the side navigation of Drata, each containing pages admins can access.

Note: If your role has the read-only permissions enabled, you can only view, filter, and download the data on the pages available to the role. You cannot modify the data or do certain actions available on that page.

  • Dashboard

  • Tasks

  • Compliance

  • Trust

  • Risk

  • Governance

  • Connections

  • Settings

  • Quick Start (accessible only by admins)

  • Help Menu

Dashboard

The Dashboard page provides a holistic view about your organization's risk and compliance posture. To learn more, go to Operational Compliance Dashboard.

Tasks

Access all the tasks on the Tasks page. To learn more about Tasks, go to Task.

Compliance

Access the following pages under the Compliance section on the navigation bar:

Trust

Access the following pages under the Trust section on the navigation bar:

Risk

Access the following pages under the Risk section on the navigation bar:

  • Risk Assessment page: Complete and assign assessments. Learn more about Risk Assessment.

  • Risk Management page: Manage risks, create tickets, and map controls to risks. Risk Management is an add-on feature. Learn more about Risk Management.

  • Vendors page: Edit vendor details, complete report reviews, and add vendors. Learn more about Vendors.

  • Assets page: Edit assets details and complete report reviews. Learn more about Assets.

Governance

Access the following pages under the Governance section on the navigation bar:

  • Personnel page: Edit personnel details and take actions related to personnel. To learn more, go to Personnel Overview.

  • Policy Center page: View, download, create, or edit policies. To learn more, go to Policy Center: Link your policies to your controls.

  • Access Review page: Identify and resolve permission and access issues with accounts, including addressing unauthorized accounts. Access Review is an add-on feature. Learn more about User Access Review.

Connections

On the Connections page, view or add the available connection. You can also manage your connections or resynchronize the connected vulnerability scanning. Learn more about the available connections.

Settings

The Settings page can be found as an option under the user menu. In the Settings page, admins have access to the following sections and everything within it: My Settings and Company Settings.

Quick Start

The Quick Stage page can be found either as the first option in the navigation bar or under the user menu. Quick Start is a list of activities designed to help you get value out of Drata sooner. View the Quick Start Guide Overview for details.

Help Menu

Select the help icon or Help & Feedback option to access the Help & Feedback drawer.

This drawer displays sections containing the help center, upcoming features, and community. You can also grant or revoke remote support access for all personnel on the Help & Feedback drawer.

Additional resources

Did this answer your question?