Roles & Permissions


AI SENTINEL uses five roles to control access to governance operations. Every action is enforced at the server level — the interface adapts to show only what your role allows.

Role Hierarchy

Owner

Full platform control. Billing, team management, and all governance operations.

Admin

Organization management and full governance access without billing control.

AI Officer

Governance authority. Approves assessments, publishes policies, and makes oversight decisions.

Member

Day-to-day governance work. Creates records, submits assessments, reports incidents.

Viewer

Read-only access. Can view all dashboards, records, and reports but cannot make changes.

Each role inherits all capabilities from the roles below it.

What Each Role Can Do

Owner

Manage billing & subscription
Invite and remove members
Change member roles
All Admin capabilities

Admin

Invite and remove members
Configure organization settings
All AI Officer capabilities

AI Officer

Approve or reject assessments
Publish policy versions
Make oversight gate decisions
Approve policies
All Member capabilities

Member

Register AI systems
Create assessments & submit for review
Report incidents
Create oversight gates
Manage vendors & policies
Report shadow AI usage

Viewer

View executive dashboard
Browse AI registry & risk classifications
View assessments, incidents, policies
Access compliance mapping reports
View vendor & oversight information

Permissions Matrix

Action                      Owner  Admin  AI Officer  Member  Viewer
View dashboards & records   yes    yes    yes         yes     yes
Create & edit records       yes    yes    yes         yes     no
Delete records              (not specified on this page)
Approve assessments         yes    yes    yes         no      no
Publish policies            yes    yes    yes         no      no
Make oversight decisions    yes    yes    yes         no      no
Invite & remove members     yes    yes    no          no      no
Change member roles         yes    no     no          no      no
Manage billing              yes    no     no          no      no

How Roles Are Assigned

Organization Creator

The user who creates an organization is automatically assigned the Owner role.

Invited or Auto-Joined Users

Users who are invited or who join via email domain matching receive the Member role by default. An Owner can change their role at any time.

Viewer Access

The Viewer role is assigned explicitly by an Owner or Admin. Viewers see a clean read-only interface — create and edit buttons are hidden, not just disabled.

Role Changes

Only the organization Owner can change member roles. All role changes are recorded in the audit trail.

Server-Side Enforcement

All permissions are enforced at the API level, not just the interface. Even if a user crafts a direct API request, the server verifies their role and organization membership before processing any operation. This means security does not depend on what the browser shows or hides.
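The following is an added illustration of the model described on this page (the inheriting role hierarchy, Owner-by-creation, Member-by-default, Owner-only role changes with an audit trail, and a server-side check that ignores what the browser shows). It is not AI SENTINEL's code: the role names follow the page, but the action identifiers, function names and the 200/403 handler are constructed for the example.

```python
"""Hypothetical server-side role check modelled on the AI SENTINEL role
hierarchy. Not the product's code: role names follow the page, action
names and function names are constructed for illustration."""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import IntEnum


class Role(IntEnum):
    """Ordered so that a higher value inherits every lower role's rights."""
    VIEWER = 0
    MEMBER = 1
    AI_OFFICER = 2
    ADMIN = 3
    OWNER = 4


# Minimum role for each governance action, taken from the permissions matrix.
# Action identifiers are constructed, not the platform's real API names.
MIN_ROLE: dict[str, Role] = {
    "view_records": Role.VIEWER,
    "create_record": Role.MEMBER,
    "report_incident": Role.MEMBER,
    "approve_assessment": Role.AI_OFFICER,
    "publish_policy": Role.AI_OFFICER,
    "oversight_decision": Role.AI_OFFICER,
    "invite_member": Role.ADMIN,
    "change_member_role": Role.OWNER,
    "manage_billing": Role.OWNER,
}


class PermissionDenied(Exception):
    pass


@dataclass
class Organization:
    org_id: str
    members: dict[str, Role] = field(default_factory=dict)
    audit_trail: list[dict] = field(default_factory=list)


def create_organization(org_id: str, creator_id: str) -> Organization:
    """The creating user is automatically the Owner."""
    org = Organization(org_id)
    org.members[creator_id] = Role.OWNER
    return org


def join_organization(org: Organization, user_id: str) -> Role:
    """Invited or domain-matched users start as Member; an existing role is kept."""
    return org.members.setdefault(user_id, Role.MEMBER)


def authorize(org: Organization, user_id: str, action: str) -> Role:
    """Server-side check: organization membership first, then the caller's
    role against the action's minimum. Unknown actions are denied, not allowed."""
    role = org.members.get(user_id)
    if role is None:
        raise PermissionDenied(f"{user_id} is not a member of {org.org_id}")
    required = MIN_ROLE.get(action)
    if required is None:
        raise PermissionDenied(f"unknown action {action!r}")
    if role < required:
        raise PermissionDenied(f"{action} requires {required.name}, {user_id} is {role.name}")
    return role


def change_member_role(org: Organization, actor_id: str, target_id: str, new_role: Role) -> Role:
    """Only an Owner may change roles; every change is written to the audit trail."""
    authorize(org, actor_id, "change_member_role")
    if target_id not in org.members:
        raise PermissionDenied(f"{target_id} is not a member of {org.org_id}")
    old_role = org.members[target_id]
    org.members[target_id] = new_role
    org.audit_trail.append({
        "actor": actor_id, "target": target_id,
        "from": old_role.name, "to": new_role.name,
    })
    return old_role


def handle_request(org: Organization, user_id: str, action: str) -> int:
    """Simulated API endpoint: the decision is made here, so a hand-crafted
    request from a Viewer or a non-member still gets 403 regardless of the UI."""
    try:
        authorize(org, user_id, action)
    except PermissionDenied:
        return 403
    return 200


if __name__ == "__main__":
    org = create_organization("example-org", "alice")   # alice becomes Owner
    join_organization(org, "bob")                       # bob joins as Member
    print(handle_request(org, "bob", "approve_assessment"))   # 403: Member
    change_member_role(org, "alice", "bob", Role.AI_OFFICER)  # audited
    print(handle_request(org, "bob", "approve_assessment"))   # 200
    print(org.audit_trail)
```

Two design points carry the page's argument: the role is looked up from the organization's membership on every call rather than trusted from the request, and an action that is not in the table is refused, so forgetting to register a new endpoint fails closed rather than open.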