Role-Based Access Controls (RBAC)
Role-based access controls (RBAC) allow Osano administrators to restrict application access based on a person's role within the application. The roles in RBAC refer to the levels of access that employees have to the Osano application.
User access takes into consideration a multitude of factors, including authority, responsibility, and job function. Access can also be limited to specific product features and provide the ability to view, create, or modify those features. This control allows users to focus on relevant tasks while restricting access to features and tasks outside their access level.
Osano user roles can be used in conjunction with organizations to allow for greater granularity across and within Osano features.User Roles
To see a detailed breakdown of user roles view the linked USER ROLE MATRIX.
All user roles have access to Dashboard and account settings.
Admin
- Full read/write access to all features and functionalities within the Osano platform.
Advisory Manager
- Has read/write access to all "Advisory" features. All other product features are not accessible to the Advisory Manager.
Consent Manager
- Read/write access to “Management” -> “Consent Management”. This user can add and modify configurations but cannot DELETE configs (Only Admins can delete configurations).
Consent Viewer
- Read access to “Management” -> “Consent Management.”
Data Request Manager
- Read/write access to "Management" -> "Data Subject Requests" -> “Request Submissions”, “Request Submission Forms”. Ability to validate identities and change status on requests.
Note: Data Request Managers will require the Datasource Owner role to see and edit data elements and to assign data sources to DSAR requests.
Data Source Owner
- Read/write access to “Management” -> “Data Subject Requests” -> “Datasource Action Items”, “Data Elements”, and “Datasources.”
Monitoring Manager
- Read/write access to all "Monitoring" features.