About IT GRC Process Management Pack User Roles

In System Center Service Manager, the security rights that allow users to access or update information are defined in a user role profile. A user role profile is a named collection of access rights and usually corresponds to employees’ business responsibilities. Each user role profile controls access to entities stored in and managed through System Center Service Manager, including programs, control objectives, control activities, and risks.

The IT GRC Process Management Pack includes user role profiles that build on and extend the existing System Center Service Manager user profiles. These IT GRC Process Management Pack user role profiles are specific to the IT GRC Process Management Pack.

Users who perform specific user roles are assigned to a user role profile. Some of the user roles for the IT GRC Process Management Pack are members of the user role profiles that are specific to the IT GRC Process Management Pack. Other user roles for the IT GRC Process Management Pack are members of the System Center Service Manager user role profiles.

The following table lists the IT GRC Process Management Pack user roles, the user role profile to which the user role is assigned, and a brief description of the user role.

User role	User role profile	Description
Administrator	Administrators	Responsible for installation of the IT GRC Process Management Pack, IT Compliance Management Libraries and the ongoing management of system wide configuration settings.
Compliance Program Manager	Compliance Program Manager	Responsible for the management of IT GRC programs within their organization and helps ensure that the organization is in compliance with authority document citations.
Compliance Program Implementer	Compliance Program Implementer	Responsible for the management of control objectives, control activities, and risks. Also responsible for managing the day-to-day tasks, such as performing control activity compliance tests or updating risk information.
Compliance Program Read Only Users	Read-Only Operators	Responsible for viewing IT GRC entities, such as programs, control objectives, control activities, and risks. Also responsible for creating compliance incidents.
Library Author	Authors	Responsible for customizing the IT GRC Process Management Pack or the IT Compliance Management Libraries. Also responsible for creating new management packs that work with the IT GRC Process Management Pack. These users are also typically members of the Administrator user role profile in their authoring environment.

For more information about user roles in System Center Service Manager, see About User Roles.