User management¶
To add other users to Riskrunner, you need to be an admin. If you are an admin, you’ll see a link for “Settings” in the bottom left of the screen.

Here, you can click “Add user” to create a new user.

The role determines what a user can do. The available roles are:
Admin: Has full access to everything within the account.
Manager: Can do everything except add/edit users or modify permissions. Cannot edit or delete an assessment.
Editor: Does not have access to users or settings, either within an assessment or globally. Can do everything except add, edit, or delete assessments.
Contributor: Can view all data and see only the reviews assigned to them (as the owner of a review). Can add or edit entities within those assigned reviews.
Viewer: Can only view data. Cannot add, edit, or delete anything. Can view reviews only if they are specifically assigned for viewing purposes.
There is also a Settings tab within each assessment where you can assign different roles to users per assessment. For example, a user can be an Editor for one assessment and a Viewer for another. You can also manage access through groups.
This leads to the final role:
No Access: By default, users with this role cannot see or do anything. Permissions must be explicitly granted for each specific assessment. Alternatively, you can use this role to hide an assessment from a user who otherwise has access to everything.
Lastly, when creating a new assessment, you can assign an owner. The assigned owner will automatically have Admin-level access to that specific assessment.