Module Entitlements for Roles – LogicGate Help Center

An overview of the Module Entitlements that can be granted to Roles in Risk Cloud

Module Entitlements provide access to capabilities in a specific Application or in the Risk Cloud environment.

The screenshot below shows all of the different Module Entitlements available:

To add a Module Entitlement to a Role, check the relevant entitlement and then click the book icon or the pencil icon for read-only and edit access respectively.

Types of Module Entitlements

There are four types of Module Entitlements: Admin Entitlements, Application Entitlements, Compliance Entitlements, and Report Entitlements. Below is a description of each Module Entitlement and the access it provides:

Admin Entitlement

All - This Entitlement grants access to all sections in the Admin Module, as well as to all Application and Report Entitlements. Admin Roles with this Entitlement can create and manage user accounts (by navigating to Admin > Users using the navigation bar), and update their account theme and view account statistics (by navigating to Admin > Account). The image below shows the Admin Module.

Application Entitlements

All Fields: There are two types of "All Fields" module entitlements: Edit and Read. In both edit and read scenarios, fields are always displayed alphabetically for easy navigation.
- Read Entitlement:

- - Users with the "All Fields" (read) entitlement will see a "View All Field Data" option when they click the gear icon on records they have access to.
  - Selecting "View All Field Data" displays all fields associated with the record's workflow, listed alphabetically by name.
  - This includes fields that might not be visible in the current step of the workflow.
  - Users with read entitlement can only view this data; editing is not permitted.
- Edit Entitlement:
  - Users with the "All Fields" (edit) entitlement have similar viewing capabilities as the read entitlement. They can see all workflow and global fields associated with the record.
  - However, edit entitlement grants the additional ability to modify these fields, but only if they have access to the edit.
  - Like the read view, all fields are presented in alphabetical order.

API Access* - Grants users access to generate an individually identifiable API key on their profile page within the Access Key tab

*API access must be included in your contract before this Entitlement can be used.

Assign - Allows users to change the assignee for Records that they have access to (i.e., reassign work to both internal and external users). If a Record is reassigned to an external user, a corresponding "Assign" Job is necessary to notify the external user that they were assigned a Record. If this Job is not in place, the external user will have no way of knowing a Record has been assigned to them. The Assign Entitlement also grants access to the Bulk Assign function in the Work Module. Refer to the Bulk Assign or Unassign Records article for more information on this functionality.
Note: Users do not need this Entitlement in order to assign work via the "Submit" Modal within a Workflow. The screenshot below shows how a user with the Assign Entitlement can reassign Records.

Build - Allows users to access the Build Module and all sections within it. Roles with edit access to the Build Module Entitlement are able to create and edit Roles and Groups (by navigating to Build > Access), Layouts, Jobs, and Applications. Note: Any Role with edit access to the Build Module Entitlement will be able to edit any item within the Build sections, even if they haven't been granted access to the Application in the Steps portion of the Role.

Bulk Link Records - Allows users to access the "Link Records" function in the Work Module. Refer to the Bulk Link Records article for more information on this functionality.

Work Menu - Link Records.png

Bulk Update Fields - Allows users to access the "Update Fields" function in the Work Module. Refer to the Bulk Update Fields article for more information on this functionality.

Delete Records - Allows users to delete individual Records from within a Form. Refer to the Delete a Record article for more information on this functionality.

Note: The Delete entitlement will allow users to delete any Record they can access. For example, User A is in a Role with the Delete Entitlement and that Role only has access to Application A. User A also has access to Application B via a Permission Set. User A will be able to delete Records in both Application A and B.

Duplicate Records - Allows users to duplicate records. Refer to the Duplicate Records article for more information on this functionality.
Import - Allows users to access the "Import Records" function in the Work Module. Refer to the Import Data into Risk Cloud article for more information on this functionality.

Quantify - Provides users with the ability to run Analyses on Analysis Records within the system and view Analysis results. Without this entitlement, users can only create Analysis Records but cannot access or run Analysis processes or view the results. (Only available for customers that have purchased Risk Cloud Quantify.)

Screenshot 2023-10-05 at 5.30.02 PM.png

Compliance Entitlements

Compliance Entitlements provide access to functions within the Compliance Module.

Control Frameworks - Allows users to access the “Controls” page and view a list of all Control Frameworks being used by your organization. Refer to the Control Frameworks in Risk Cloud article for more information on this functionality.

Evidence Automations - Allows users to access the “Evidence Automations” page to centrally manage Automated Evidence Collection automations which they have access to. Refer to the Manage Automated Evidence Collections article for more information on this functionality.
- This entitlement is only available to customers that are licensed to use Automated Evidence Collection.

Evidence Sources - Allows users to access the “Evidence Sources” page and manage connections to third-party platforms for Automated Evidence Collection. Refer to the Add New Evidence Sources for Automated Evidence Collection (AEC) article for more information on this functionality.
- This entitlement is only available to customers that are licensed to use Automated Evidence Collection.

Gap Analysis - Allows users to access the “Controls” page and view or create Gap Analysis reports. Refer to the Create Control Gap Analysis Reports article for more information on this functionality.
- Note: This entitlement provides the same access as the Control Frameworks entitlement, plus the ability to view or create Gap Analysis reports. Users must also have the Dashboards entitlement to access Gap Analysis reports.

Report Entitlements

All of the Report Entitlements provide access to certain sections within the Reports Module.

Dashboards - Allows users to access Dashboard Reports in the "Dashboards" section. This Module allows access to the Visual Reports that can be used within Dashboards (available in the "Visual Reports" section) and means that users with the entitlement can search for and view/edit Dashboards via the Reports>Dashboards page. Roles can be granted Edit or Read-Only access to Dashboards. Those with edit access can both build their own Visual Reports and Dashboards and edit any existing Dashboards. Edit access to Dashboards also grants the user edit access to Table Reports. Those with read-only access will only be able to view Dashboards that others have already created. Note: View access to Dashboards in not required for an end-user to view their assigned Access-Based Home Screen
Productivity - Allows users to access and view, but not edit, the system-generated Productivity Report in the "Visual Reports" section. This entitlement also allows API users to access the User Access Audit API endpoint (/api/v2/audits/access) to view user access activity without granting full user management privileges (like add/edit/deactivate).
Records - Allows users to access and view the Records Report in the "Table Reports" section of the Reports Module. Roles with this Module Entitlement are able to export Records Report Layouts to CSV or Excel.
Status - Allows users to access and view, but not edit, the system-generated Status Report in the "Visual Reports" section.
Table Reports - Allows users to access Table Reports in the "Table Reports" section of the Reports Module. Roles with this Module Entitlement are able to export Table Reports to CSV or Excel. If the user has read-only access to the Table Report Entitlement but has edit access to the Dashboard Entitlement they will be able to edit all Table Reports because the Dashboard Entitlement overrides the Table Report Entitlement.

For more information on creating Roles in Risk Cloud, refer to our Creating Roles.