User management

To add other users to Riskrunner, you need to be an admin. If you are an admin, you’ll see a link for “Settings” in the bottom left of the screen.

The settings page

Here, you can click “Add user” to create a new user.

Add user

The role determines what a user can do. The available roles are:

  • Admin: Has full access to everything within the account.

  • Manager: Can do everything except add/edit users or modify permissions. Cannot edit or delete an assessment.

  • Editor: Does not have access to users or settings, either within an assessment or globally. Can do everything except add, edit, or delete assessments.

  • Contributor: Can view all data and see only the reviews assigned to them (as the owner of a review). Can add or edit entities within those assigned reviews.

  • Viewer: Can only view data. Cannot add, edit, or delete anything. Can view reviews only if they are specifically assigned for viewing purposes.

There is also a Settings tab within each assessment where you can assign different roles to users per assessment. For example, a user can be an Editor for one assessment and a Viewer for another. You can also manage access through groups.

This leads to the final role:

  • No Access: By default, users with this role cannot see or do anything. Permissions must be explicitly granted for each specific assessment. Alternatively, you can use this role to hide an assessment from a user who otherwise has access to everything.

Lastly, when creating a new assessment, you can assign an owner. The assigned owner will automatically have Admin-level access to that specific assessment.