Who can access your environment
Open Org settings to see a single roster of everyone with access to your data:Your own team
The people you’ve invited, each with their role and when they were last active.
soc2doc
The soc2doc practitioners supporting your account are listed plainly as your
service provider — so you always know who, outside your organization, can see
your environment.
This roster is the point. You should never have to wonder who can see your
compliance data. If someone shouldn’t have access, an admin can remove them here.
Inviting your team
Invite by email
From Org settings, an admin enters a teammate’s email and picks a role.
There’s no password to set — they sign in with a one-time magic link.
Choose the right role
Pick the access each person needs:
Admin
Manage users and assign work, plus full access.
Team member
Full access to work on controls and evidence.
Read-only
See everything; change nothing.