While most of fields in the ‘Add New User’ form are relatively straightforward (like First Name, Last Name, and Email), some need to be considered. These are outlined below.
de.iterate Role: There are two options:- Company Admin: Team members who will be responsible for managing and implementing your compliance program should be set as ‘Company Admin’. They will have full access to the de.iterate platform, and will be able to add, edit and delete items.
- Policy Reader: Team members who need to read company policies should be set as a ‘Policy Reader’. These people will not be access the entire de.iterate platform.
- Asset Owner: The individual responsible for the asset’s security, use, and ongoing maintenance. This person ensures that appropriate controls are in place and that the asset is properly classified, reviewed, and updated over time.
- Business Sponsor: The senior stakeholder who has a vested interest in the asset's function, performance, and strategic alignment. They typically approve budgets, support risk decisions, and ensure the asset meets broader business objectives.
- User: Someone who actively interacts with or relies on the asset to perform their role. While they may not manage or fund the asset, users play a vital part in protecting it through proper use, awareness of policies, and timely reporting of issues.
- None: The default role. This indicates that the person is not part of the ISMS Committee. Most users will fall into this category, especially if they do not have responsibility for ISMS governance or oversight. Use this for staff who interact with the ISMS but are not involved in its strategic direction or review processes.
- Chair: The Chair is the lead of the ISMS Committee. They are responsible for: facilitating meetings, driving strategic decisions, ensuring that actions and reviews are completed, and acting as the primary point of accountability for governance. They are typically a senior leader (e.g. CISO, CIO, or Compliance Lead), the Chair ensures the ISMS stays aligned with business and regulatory expectations.
- Member: A Member is an active participant in the ISMS Committee. Members contribute insights from their area of the business (e.g. IT, HR, Operations), help implement decisions, and support ongoing ISMS improvements. Typically, asset owners will be members of the committee.
Assign All Policies: Team members who need to read company policies in the de.iterate policy reader (if
enabled) should be set as a ‘Policy Reader’ . These people will not have access to the entire de.iterate
platform. By ticking this box, the team member will be assigned all policies to read.
