Can anyone direct me in the best way to Provide Certain Users with Read-Only Access to the GRC: Vendor Risk Management Workspace without having to create a Ton of ACL's

The users do not need write/create/delete access only Read

This OOB Role contains task-editor role which gives them access to write to tasks on the Workspace.

sn_vdr_risk_asmt.vendor_assessment_reviewer

sn_vdr_risk_asmt.vendor_manager has way too much access that they do not need.

Thank you

Tricia