Skip to main content
Compliance is a team effort, but the evidence lives in one place. The console shows you — in plain English — everyone who can access your environment, lets you invite your team with the right level of access, and lets you hand each piece of work to the person who owns it. This is a console capability on the One Plan, separate from the free Commitment Review.

Who can access your environment

Open Org settings to see a single roster of everyone with access to your data:

Your own team

The people you’ve invited, each with their role and when they were last active.

soc2doc

The soc2doc practitioners supporting your account are listed plainly as your service provider — so you always know who, outside your organization, can see your environment.
This roster is the point. You should never have to wonder who can see your compliance data. If someone shouldn’t have access, an admin can remove them here.

Inviting your team

1

Invite by email

From Org settings, an admin enters a teammate’s email and picks a role. There’s no password to set — they sign in with a one-time magic link.
2

Choose the right role

Pick the access each person needs:

Admin

Manage users and assign work, plus full access.

Team member

Full access to work on controls and evidence.

Read-only

See everything; change nothing.
3

Remove anyone, anytime

Removing a person revokes their access immediately. You can’t remove your own admin access by accident.

Assigning work

Every outstanding item — a missing piece of evidence, an overdue vendor review, a control to document — can be assigned to the person who owns it. Add a task, set the owner, and assign it by email; it shows up as their work. This replaces the spreadsheet-and-chase-up routine with a clear, single view of who owns what.