> ## Documentation Index
> Fetch the complete documentation index at: https://docs.soc2doc.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Your team and access

> See exactly who can access your environment, invite your team with the right role, and hand work to the person who owns it.

Compliance is a team effort, but the evidence lives in one place. The console shows
you — in plain English — everyone who can access your environment, lets you invite
your team with the right level of access, and lets you hand each piece of work to
the person who owns it.

This is a console capability on the One Plan, separate from the free Commitment
Review.

## Who can access your environment

Open **Org settings** to see a single roster of everyone with access to your data:

<CardGroup cols={2}>
  <Card title="Your own team" icon="users">
    The people you've invited, each with their role and when they were last active.
  </Card>

  <Card title="soc2doc" icon="shield">
    The soc2doc practitioners supporting your account are listed plainly as your
    service provider — so you always know who, outside your organization, can see
    your environment.
  </Card>
</CardGroup>

<Note>
  This roster is the point. You should never have to wonder who can see your
  compliance data. If someone shouldn't have access, an admin can remove them here.
</Note>

## Inviting your team

<Steps>
  <Step title="Invite by email">
    From **Org settings**, an admin enters a teammate's email and picks a role.
    There's no password to set — they sign in with a one-time magic link.
  </Step>

  <Step title="Choose the right role">
    Pick the access each person needs:

    <CardGroup cols={3}>
      <Card title="Admin">Manage users and assign work, plus full access.</Card>
      <Card title="Team member">Full access to work on controls and evidence.</Card>
      <Card title="Read-only">See everything; change nothing.</Card>
    </CardGroup>
  </Step>

  <Step title="Remove anyone, anytime">
    Removing a person revokes their access immediately. You can't remove your own
    admin access by accident.
  </Step>
</Steps>

## Assigning work

Every outstanding item — a missing piece of evidence, an overdue vendor review, a
control to document — can be assigned to the person who owns it. Add a task, set
the owner, and assign it by email; it shows up as their work. This replaces the
spreadsheet-and-chase-up routine with a clear, single view of who owns what.
