Custom Roles allow admins to go beyond predefined system roles and create tailored permission sets for specific use cases. This is useful when standard roles don’t fully match your organization’s structure or responsibilities.
💡Note: Custom Roles are available to admins only.
What are Custom Roles?
Custom Roles are standalone roles that:
Can be edited at any time
Override all existing system role permissions
Cannot be combined with other roles
Apply the same permissions to every user assigned to them
🔍Accessing Role Management
Go to Company Settings.
Select Roles Management.
Here you can view, create, edit, and delete Custom Roles.
➕Creating a Custom Role
Click Create Custom Role.
Enter the role name and description.
Choose a system role template as a starting point.
Configure permissions across three categories:
Third-Party Risk Management
My Company
Company Settings
For each permission, select one of:
No Access
View
View & Edit
✏️Editing a Custom Role
Custom Roles can be edited at any time from the Roles Management page.
⚠️ Any changes will immediately affect all users assigned to this role.
Assigning a Custom Role
For existing users
Open the user’s profile in User Management
Select the Custom Role
For new users
Choose the Custom Role during the invitation process
Custom Roles replace all existing permissions for that user.
Deleting a Custom Role
A Custom Role can only be deleted when:
No active users are assigned to it
No pending invitations are associated with it
Once those conditions are met, the delete option becomes available.
Custom Roles empower admins to tailor access, improve self-service management, and ensure the right users have the right permissions across your Panorays environment.
Permissions Breakdown
Category | Sub Сategory | Capabilities |
Third Party Risk Management | General Management Capabilities | Under this section, the following permissions are included:
|
Third Party Questionnaires | Send, update, and review questionnaires submitted by your suppliers.
|
|
Internal Questionnaires
| Send and submit internal questionnaires within the organization. |
|
Relationships | View and assign supplier relationships based on the predefined company-level relationship list.
|
|
Business Impact | Define and update the business impact (inherent risk) for each supplier.
|
|
Third Party Status
| Update the approval status of the specified supplier.
|
|
Custom Alerts
| Set up custom alerts for your supplier chain based on risk changes, improvements, or critical findings.
|
|
Portfolios | Create portfolios and assign suppliers to the appropriate portfolio for better management and control.
|
|
Questionnaire Templates
| View or edit the company Questionnaire Template Library: create new templates, update existing ones, and archive redundant templates.
|
|
Reports | Access the Dashboard and Customized Reports to view or edit reports for individual suppliers or across multiple suppliers.
|
|
Risk Insights
| Access to Cyber events organized in an aggregated view, allowing you to see their direct impact on your organization, your direct suppliers, and indirect suppliers, and take action accordingly.
|
|
My Company | Security Profile | Under this section, the following permissions are included:
|
Trust Center | Create and update your Trust Center, and share it with potential prospects and customers.
|
|
Company Settings | Team Management
| Manage User and Role Management, including:
|
Internal Notes and Comments
| Create and edit internal notes and external comments for Questionnaires, Supplier General Notes, and Findings Notes.
|
|
License Usage
| Access the License Usage page, showing purchased licenses and their actual usage for each company.
|
|
Custom Factors
| Ability to define Risk Policies and Custom Factors, including applying them to specific suppliers and overriding supplier settings.
|
|