KnowBe4 KCM GRC: User Types
This article describes the different user types within the KCM Governance, Risk and Compliance (GRC) platform. If you are looking for the Users and Groups product manual for KnowBe4's Security Awareness Training platform, see that product's documentation instead.
Creating a User: Selecting a User Type
The KCM GRC platform consists of three modules: the Compliance module, the Policy Management module, and the Risk Management module. Each module has its own user types, and each user type has unique privileges in the KCM GRC console.
User Account Types
|Compliance User Type||Privileges||Definition||Licensed User (Y/N)|
|Account Administrator||Full access to all areas, Scopes, and modules within KCM GRC||Account Administrators have complete control over all aspects of the KCM GRC platform. They can create custom Compliance Templates, assign Responsibilities, create and update Controls, clone Scopes, and adjust mappings between Requirements and Controls. As an Account Administrator, you are presented with a Global Dashboard which provides an overview of your organization's current Tasks, and other useful information that pertains to the entire account.||Y|
A Scope Manager is any user with permissions set for one or more Scopes. Permission levels are set per Scope and define how the user will be able to interact with the Scope. The permission levels are as follows:
|Auditor||Read-only access to specified Scopes, Policy Management Campaigns, and related reports||Auditor accounts are used to give a reviewer, assessor, consultant, board member, or auditor read-only access to one or more Scopes. An Auditor can only see Reports for the Scopes they're given access to. Reports contain the Requirements, Controls, Tasks, and Evidence related to a given project or Scope.||N|
|Policy Management User Type||Privileges||Definition||Licensed User (Y/N)|
|Policy Administrator||Full access to all objects (i.e., campaigns, groups, users, policies, etc.) within the Policy Management module||Policy Administrators can create and maintain all Policy Management Campaigns.||Y|
|Campaign Manager||Access to campaign data for the specified allowed campaigns||Campaign Managers are granted access to one or more Policy Management campaigns. They can monitor the participation status of the policy acknowledgments, and nudge users who have not acknowledged. If you need a user to be able to manage some campaigns but not all, you would use the Campaign Manager user type.||Y|
|End User||End Users do not log into the KCM GRC platform. They receive policy documents via email.||End Users are simply added to KCM GRC for the purpose of receiving policies by email. Using the link from the recipient's email, the users read and acknowledge your organization's policies. Policy acknowledgments are recorded in KCM GRC, within the associated policy campaign.|| |
|Risk Management User Type||Privileges||Definition||Licensed User (Y/N)|
|Risk Administrator||Full access to all objects (i.e., Risk Templates, Risk Register, Risk Wizard, etc.) within the Risk Management module||Risk Administrators can map Controls, create and maintain Risk Templates, use the Risk Wizard, and use the Risk Register to import, export, and add new Risks.||Y|