Introducing Per-Risk Access Management: Assign Viewers and Managers to Individual Risks in Vanta

Jacob G. · 2026-06-17T13:52:05.455Z

:risk-alert: Per-Risk Access Management :risk-alert: You can now assign specific viewers and managers to individual risks; no more having to grant broad register-level access just to give someone visibility into one risk. What's new: • Assign access at the individual risk level (not just the register) • Roles can be assigned to both individual users and Teams in Vanta • Full control over who canview vs. manage each risk This is especially useful if you have different stakeholders owning different risks, or if you've been working around some previous permissions limitations. The era of all-or-nothing risk access is over :sparkles-sparkles:

Jacob G.

·Jun 17, 2026 01:52 PM·

Per-Risk Access Management You can now assign specific viewers and managers to individual risks; no more having to grant broad register-level access just to give someone visibility into one risk. What's new:

Assign access at the individual risk level (not just the register)
Roles can be assigned to both individual users and Teams in Vanta
Full control over who canview vs. manage each risk

This is especially useful if you have different stakeholders owning different risks, or if you've been working around some previous permissions limitations. The era of all-or-nothing risk access is over

🙌1

🙌🏾1

🎉2

11 comments

· Sorted by Oldest

Jacob G.
·
·
hey Rudy M. does the bolded part in the 2nd bullet re: Teams address what you had asked about re: risk access mgmt earlier this month? Let me know if yes or no, and I can continue to dig into this!
Rudy M.
·
·
will take a look when I get time. But as I read it ATM, my issue was less about role access to the risk, and more about who to assign the RISK ownership to. ie I wanted to assign the risk to a TEAM. but maybe the middle ground of have 1 named person as the risk owner, and then have the team as role access would work. I'll play in a few weeks. Can't play this week.
Jacob G.
·
·
you got it, rudy. i think it partially does the trick, not fully. ill get this logged with product. (and no rush on your end btw!)
So
·
·
Keen to know more about this - I don't think it's hit our instance yet
Jacob G.
·
·
hey So: for sure! so in your settings, set up a team. then head into Risks page > click on a risk > in the risk scenario table at the far right, theres a more actions menu (three dots) > manage access > in the direct access field, type in the name of the team or individual to grant them access. do you still not see it after doing the above? if not, let me know and ill investigate
So
·
·
Ah it's only for people are already a collaborator - that's the missing piece of the puzzle.
🎯1
Kasey C.
·
·
Does this now allow us to assign enterprise risks without giving broader permissions? My CFO doesn't need admin access, but does need to own our financial risks
Jacob G.
·
·
yup, you got it, Kasey C.. With Per-Risk Access Management, you can now assign your CFO as a manager on your financial risks specifically, without granting them any broader register-level or admin permissions. So your CFO → assigned as Manager on financial risks only → can own, update, and act on those risks
Kasey C.
·
·
Thanks Jacob. But it looks like I still can only assign an admin as an owner of an enterprise risk
Jacob G.
·
·
ahh, let me check on that, kasey. ill get back to you asap, im on it!
Jacob G.
·
·
hey Kasey C. i stand corrected! i'm sorry, thats totally on me. enterprise risk is not included in this product release, however, it is something i got directly in front of the engineers behind this feature (spoke to them a few mins ago), and they advised me that this is something they are exploring as they build out this feature more this year. I'm getting this also submitted on your behalf so they have this specific feedback and they continue building thanks again for asking about this, and sorry for the misspeak on my part!!
👍1

Jacob G.
·
·
hey Rudy M. does the bolded part in the 2nd bullet re: Teams address what you had asked about re: risk access mgmt earlier this month? Let me know if yes or no, and I can continue to dig into this!
Rudy M.
·
·
will take a look when I get time. But as I read it ATM, my issue was less about role access to the risk, and more about who to assign the RISK ownership to. ie I wanted to assign the risk to a TEAM. but maybe the middle ground of have 1 named person as the risk owner, and then have the team as role access would work. I'll play in a few weeks. Can't play this week.
Jacob G.
·
·
you got it, rudy. i think it partially does the trick, not fully. ill get this logged with product. (and no rush on your end btw!)
So
·
·
Keen to know more about this - I don't think it's hit our instance yet
Jacob G.
·
·
hey So: for sure! so in your settings, set up a team. then head into Risks page > click on a risk > in the risk scenario table at the far right, theres a more actions menu (three dots) > manage access > in the direct access field, type in the name of the team or individual to grant them access. do you still not see it after doing the above? if not, let me know and ill investigate
So
·
·
Ah it's only for people are already a collaborator - that's the missing piece of the puzzle.
🎯1
Kasey C.
·
·
Does this now allow us to assign enterprise risks without giving broader permissions? My CFO doesn't need admin access, but does need to own our financial risks
Jacob G.
·
·
yup, you got it, Kasey C.. With Per-Risk Access Management, you can now assign your CFO as a manager on your financial risks specifically, without granting them any broader register-level or admin permissions. So your CFO → assigned as Manager on financial risks only → can own, update, and act on those risks
Kasey C.
·
·
Thanks Jacob. But it looks like I still can only assign an admin as an owner of an enterprise risk
Jacob G.
·
·
ahh, let me check on that, kasey. ill get back to you asap, im on it!
Jacob G.
·
·
hey Kasey C. i stand corrected! i'm sorry, thats totally on me. enterprise risk is not included in this product release, however, it is something i got directly in front of the engineers behind this feature (spoke to them a few mins ago), and they advised me that this is something they are exploring as they build out this feature more this year. I'm getting this also submitted on your behalf so they have this specific feedback and they continue building thanks again for asking about this, and sorry for the misspeak on my part!!
👍1