Users and Permission for CIS CSAT tool
- Chris Boldiston
Product Name
CIS CSAT
Product Version
n/a
Date
Jul 10, 2020
Ā
Problem
What are the different types of user permissions that are available in CIS CSAT?
Solution
There are 3 types of users in CIS CSAT:
User Type | Permissions |
|---|---|
Primary Owner | Access to full functionality for the organization and all sub-organizations |
Admin | Access to all the functionality and dashboard for the organization, but does not have access to sub-organizations |
Basic User/Member | Access to Sub-Controls that are assigned to the user |
Here are some use case examples;
Admin user would have access to the full assessment and assessment history of the organization in question, but not of the sub-organizations.Ā The Admin would be able to create/delete assessments for their organization, and would be able to add/delete users to that organization, not for any of the sub-organizations.
If you do not want a user to have access to add/delete users, or create/delete assessments in that organization, you could go with a basic user/member, and assign that basic user to all Sub-Controls or a subset of the Sub-Controls.Ā With the new bulk assignment ability in CIS CSAT v1.3.0 it is easier to assign a large number of Sub-Controls to a single user.
Copyright Ā© 2020
Center for Internet SecurityĀ®
Ā
Ā