Auditor
This user can access the repository in read only mode, he can also read the log and print the report.
- The Auditor will be granted the Auditor and Restricted Auditor permission sets by default.
- Depending on the permission sets the Auditor will be assigned following permissions by default:
Description | Remarks |
Auditor Permissions | |
Applications\Can Read All Applications | This permission gives you the right to read all applications. |
Users\Can Read All Users | This permission gives you the right to read all users. |
Groups\Can Read All Groups | This permission gives you the right to read all groups. |
Restricted Auditor Permissions: | The restricted auditor role will have access to applications for which he has been granted “Membership Manager” role. |
Applications\Can Read Application | This permission gives you the right to read applications for which you have the role “Membership Manager” |
Audit and Reporting\Can Generate Documentation | This permission gives you the right to generate documentation. |
Audit and Reporting\Can Read Event Log | This permission gives you the right to read an Event Log. |
Groups\Can Read Group | This permission gives you the right to read group. |
Users\Can Read User | This permission gives you the right to read user. |
Permissions\Can Read Permission | This permission gives you the right to read a permission. |
Permission Sets\Can Read Permission Set | This permission gives you the right to read a permission set. |
Roles\Can Read Application Role | This permission gives you the right to read an application role. |
Roles\Can Read Shared Role | This permission gives you the right to read a shared role. |
Roles\Can Read System Role | This permission gives you the right to read a system role. |
Impact of Auditor Role on Applications
This module explains the impact on the applications if the user has been granted Auditor Role.
- The User will be assigned following permissions:
Description | Remarks |
Can Read All Applications | This permission gives access to read all applications. |
Can Read Application | This permission gives you the right to read applications for which you have the role “Membership Manager”. |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed:

- Since the user has permissions to Can Read All Applications and Can Read Application, the Can Read All Applications will override.
- The user will be able to view list of all the applications. (A)
- The user can click on the Application name to view the application information as shown below:

- Other application related options will be disabled as shown below:

Impact of Auditor Role on Audit and Reporting
This module explains the impact on the audit and reporting if the user has been granted the Auditor Role.
- The User will be assigned following permissions:
Description | Remarks |
CanGenerateDocumentation | This permission gives you the right to generate documentation. |
Can Read Event Log | This permission gives you the right to read an Event Log. |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
- The user will be able to view list of all the applications (A).

- Since the user has permissions to Can Generate Documentation he can use Generate Documentation option to generate documentation of each entity in the Visual Guard console.

- Can Read Event Log permission allows access to viewing the event log as shown below:

Impact of Auditor Role on Groups
This module explains the impact on the groups if the user has been granted an Auditor Role.
- The User will be assigned following permissions:
Description | Remarks |
\Groups\CanReadGroup | This permission gives access to read a group for which you have the role “Membership Manager”. |
\Groups\CanReadAllGroups | This permission gives you the right to read all the groups. |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
- The user will be able to view list of all the applications (A).

- Since the user has permissions to Can Read All Groups and Can Read Groups, the Can Read All Groups will override.
- The user will be able to view list of all the groups.

- The user cannot rename, remove or add a new group, the options will be disabled as shown below:

Impact of Auditor Role on Permissions
This module explains the impact on the permissions if the user has been granted an Auditor Role.
- The User will be assigned following permissions:
Description | Remarks |
Can Read Permission | This permission gives you the right to read a permission. |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed.
- The user will be able to view list of all the applications (A).

- Since the user has permissions to Read permissions all permission details will be displayed in read only mode. (A)
- Additionally the options to rename, remove or add a new permission will also be disabled as shown below:

Impact of Auditor Role on Permission Sets
This module explains the impact on the permission sets if the user has been granted an Auditor Role.
- The User will be assigned following permissions:
Description | Remarks |
Can Read Permission Sets | This permission gives you the right to read a permission set. |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
- The user will be able to view list of all the applications (A).

- Since the user has permissions to Read permission sets all permission set details will be displayed in read only mode. (A)
- Additionally the options to rename, remove or add a new permission set will also be disabled as shown below:

Impact of Auditor Role on Roles
This module explains the impact on the roles if the user has been granted an Auditor Role.
The User will be assigned following permissions:
Description | Remarks |
Can Read Application Role | This permission gives you the right to read an application role. |
Can Read Shared Role | This permission gives you the right to read a shared role. |
Can Read System Role | This permission gives you the right to read a system role. |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
- The user will be able to view list of all the applications (A).

- Since the user has Can Read Application Role privilege he can view just the role details.
- Additional options such as rename, remove or add a new role will be disabled as shown below:

- Similarly the Can Read Shared Role privilege will allow the user to view the shared role information in read only mode.
- Additional options such as rename, remove or add a new role will be disabled as shown below:

- Similarly the Can Read Special Role privilege will allow the user to view the special role information in read only mode.
- Additional options such as rename, remove or add a new role will be disabled as shown below:

Impact of Auditor Role on Users
This module explains the impact on the users if the user has been granted an Auditor Role.
- The User will be assigned following permissions:
Description | Remarks |
Can Read All Users | This permission gives you the right to read all users |
Can Read User | This permission gives you the right to read user |
- Once the user logs in using the assigned mode of authentication, the following screen will be displayed:
- The user will be able to view list of all the applications (A).

- Since the user has both the privileges namely Can Read All Users and Can Read User permissions, Can Read All Users permission will override.
- Can Read All Users permission will allow the user to view the list of all users.
- The user can view the user details by clicking on username.

- All details will be displayed in read only mode.
See Also:
- Special Roles
- Impact of granting multiple roles
- Special Roles & Permission Matrix