CAM user roles

Australia Governance, Risk, and Compliance

Release

australia

ft:locale

en-US

ft:publication_title

Australia Governance, Risk, and Compliance

ft:clusterId

grc

bundleId

grc

workflow

Technology

CAM user roles

Release version: Australia

Updated March 12, 2026

1 minute to read

Assign users and groups with roles to prepare them to user the CAM application.

Role permissions and responsibilities


Role title [name]	Description	Contains roles
Authorization Official (sn_irm_cont_auth.authorization_official)	Responsible for accepting an information system into an operational environment at a known risk level. The Authorization Official is entitled to approve and update authorization packages.	sn_irm_cont_auth.reader
Continuous Authorization and Monitoring administrator (sn_irm_cont_auth.admin)	Responsible for all system administration duties in the CAM application.	sn_audit.manager sn_compliance.admin sn_doc.admin sn_irm_cont_auth.reader sn_irm_cont_auth.scheduler
Executive Reader (sn_irm_cont_auth.executive_read)	Read-only access to all modules of the CAM application.	sn_irm_cont_auth.reader. Users with this role can access CAM Workspace.
Information Owner (sn_irm_cont_auth.information_owner)	Responsible for statutory, management, or operational authority and the establishment of policies and procedures governing its generation, collection, processing, dissemination, and disposal. The user can also update information types of an authorization package.	sn_audit.user sn_irm_cont_auth.reader
Information System Security Manager (sn_irm_cont_auth.info_system_sec_manager)	Responsible for conducting information system security management activities. They develop and maintain the system-level cybersecurity program. Can update the authorization package.	sn_compliance.user sn_irm_cont_auth.reader
Information System Security Officer (sn_irm_cont_auth.info_system_sec_officer)	Responsible for ensuring that the appropriate operational security posture is maintained for an information system. Can update the authorization package.	sn_compliance.user sn_irm_cont_auth.reader
Reader (sn_irm_cont_auth.reader)	Read-only role. Users with this role can access CAM Workspace.	sn_audit.reader sn_grc_workspace.task_reader sn_grc_workspace.user sn_compliance.reader sn_incident_read sn_change_read sn_vul.read_all sn_si.read
Scheduler (sn_irm_cont_auth.scheduler)	Responsible for running all scheduled jobs for the application. This role is for a technical user.	sn_irm_cont_auth..system_owner
Security Control Assessor (sn_irm_cont_auth.sec_control_assessor)	Responsible for conducting a thorough assessment of the management, operational, and technical security controls of an information system.	sn_audit.manager sn_compliance.user sn_irm_cont_auth.reader
System Owner (sn_irm_cont_auth.system_owner)	Responsible for procuring, developing, integrating, modifying, operating, and maintaining an information system.	sn_audit.user sn_compliance.user sn_irm_cont_auth.reader
System User (sn_irm_cont_auth.system_user)	Responsible for performing actual work in the system. They can update authorization boundaries, filter, elements, milestones, and acceptance tasks.	sn_audit.user sn_irm_cont_auth.reader business user