Compliance is a team effort. DSALTA's role-based access control system lets you invite team members and assign appropriate permissions based on their responsibilities.
Accessing Team Management
Navigate to People > Members to view your team and invite new members. Admin users can invite people, assign roles, and manage permissions.
User Roles in DSALTA
DSALTA provides several predefined roles, each with specific permissions:
Admin
Full access to all DSALTA features, including:
Organization settings and billing
User management and role assignment
All compliance modules
Integration management
Audit and reporting features
Best for: Compliance leaders, security directors, and system administrators
Compliance Manager
Broad access to compliance features:
Framework and control management
Policy creation and approval
Test management and remediation
Vendor risk assessment
Evidence collection
Cannot: Change organization settings, manage billing, or modify user roles
Best for: Compliance team members who execute daily compliance tasks
Auditor
Read-only access designed for external auditors:
View frameworks, controls, and evidence
Access audit packages and documentation
Review test results and policies
No ability to modify any data
Best for: External auditors during audit engagements
Contributor
Limited access focused on specific assignments:
View assigned controls and policies
Upload evidence for assigned items
Complete assigned tasks
View relevant documentation
Best for: Team members who own specific controls or policies but don't manage the overall program
Custom Roles
Enterprise plans can create custom roles with granular permissions tailored to specific organizational needs.
Inviting Team Members
To invite a new team member:
Click Invite your team or Add Person in the Personnel section
Enter the person's email address
Select their role from the dropdown
Add an optional personal message
Click Send Invitation
The invitee receives an email with a link to create their DSALTA account. They'll have immediate access once they complete registration.
Inviting Multiple People
To invite several team members at once:
Click Bulk Invite
Enter multiple email addresses (one per line or comma-separated)
Select a default role for all invitees
Click Send Invitations
You can modify individual roles after they've accepted their invitations.
Assigning Ownership
Beyond roles, DSALTA lets you assign specific ownership for:
Controls: Each control can have a designated owner responsible for implementation and evidence collection
Policies: Assign policy owners who maintain and update specific documents
Tests: Designate who's responsible for remediating failed tests
Vendors: Assign vendor relationship owners for security assessments
To assign ownership, navigate to the specific item and click Assign Owner, then select from your team members.
Best Practices for Team Structure
Small Organizations (1-10 people)
1-2 Admins (founders or executives)
Assign control ownership based on functional areas
Everyone contributes to their domain's controls
Medium Organizations (11-50 people)
1-2 Admins (security/compliance leads)
2-3 Compliance Managers (compliance team)
Contributors from engineering, IT, HR, and legal
Clear ownership for each control category
Larger Organizations (50+ people)
2-3 Admins (security leadership)
Multiple Compliance Managers (dedicated compliance team)
Contributors across all departments
Formalized approval workflows
Dedicated vendor risk manager
Managing Permissions
Admins can modify user permissions at any time:
Go to Personnel > People
Click on the team member's name
Select Edit Role
Choose the new role and save
Role changes take effect immediately. The user receives a notification about their updated permissions.
Removing Team Members
When someone leaves your organization:
Navigate to Personnel > People
Find the team member
Click the menu icon (three dots)
Select Remove Access or Deactivate
Deactivate: Removes access but preserves their activity history and ownership records
Remove: Completely removes the user (only recommended if they were added in error)
Access Controls and Groups
For more advanced permission management, use Personnel > Groups to create teams or departments. Groups allow you to:
Assign multiple people to controls or policies at once
Set up approval workflows by department
Organize vendor assessments by business unit
Single Sign-On (SSO)
Organizations using Google Workspace or Microsoft 365 can enable SSO for seamless authentication. Team members log in using their corporate credentials, and DSALTA automatically syncs with your IdP for user provisioning and de-provisioning.
To enable SSO, connect your Identity Provider in the Integrations section.
Monitoring Team Activity
Admins can view team activity through:
Activity logs: Track who made changes and when
Task completion: Monitor assigned work progress
Control ownership: See responsibility distribution
Regular reviews ensure work is distributed appropriately and nothing falls through the cracks.