Roles for performing advanced risk assessment

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • When you integrate advanced risk assessment with other applications, you must ensure the users have the necessary roles to perform and approve the assessments.

    Starting with version 14.1.2, several new roles have been introduced to enable users of other applications to successfully use the advanced risk assessments feature. These independent roles have been created to provide the users the required ability to perform advanced risk assessment without requiring the Integrated Risk Management specific roles such as Risk Admin, GRC Business User.
    Note:
    You must manually assign the advanced risk assessment roles to the sn_grc.business_user role. To understand how you can adjust granting of roles and groups, see the How to adjust granting of roles and groups to use background jobs [KB0963693] article in the Now Support Knowledge Base. To understand more about the GRC business user role, see the GRC Business User [KB0864247] article in the Now Support Knowledge Base article in the Now Support Knowledge Base. You must log in to Now Support to view the article.
    Table 1. Roles installed
    Role title [name] Contained under Description Contains roles
    sn_risk_advanced.ara_admin sn_risk.admin Users with this role can:
    • Create risk assessment methodologies
    • Create and manage factors
    • sn_risk_advanced.ara_creator
    • sn_risk_advanced.ara_assessor
    • sn_risk_advanced.ara_approver
    • sn_risk_advanced.ara_reader
    sn_risk_advanced.ara_creator sn_risk.user Users with this role can create object assessments. sn_risk_advanced.ara_reader
    sn_risk_advanced.ara_assessor sn_grc.business.user Users with role can:
    • Take assessments
    • Perform assessment related actions such as taking the assessment and responding to or reassigning the assessment
    		 sn_risk_advanced.ara_reader
    sn_risk_advanced.ara_approver sn_grc.business.user Users with role can perform assessment related actions such as approving the assessment. sn_risk_advanced.ara_reader
    sn_risk_advanced.ara_reader sn_risk.reader Users with role can read all the information on a risk assessment instance. Users with this role have read access to all tables within advanced risk assessment. If there are users who only need to have access to reports, they can use this role.
    sn_risk_advanced.qualitative_risk_appetite_reader

    sn_risk.user

    sn_risk.reader

    		 Users can view the qualitative risk appetite fields.
    sn_risk_advanced.quantitative_risk_appetite_reader sn_risk.user Users can view the quantitative risk appetite fields.