Secure Privacy

Members Module – Role-Based Access Control, Team Ownership Assignment, and Accountability Tracking in Secure Privacy's Governance Solution

The Members module is part of Secure Privacy's Governance Solution, providing role-based access control, team member ownership assignment across tasks, risks, processes, and assessments, and a complete audit trail of all responsibility changes — supporting GDPR accountability documentation and internal compliance governance.

Secure Privacy Team

The Members module in Secure Privacy's Governance Solution lets you manage team member access, assign ownership of tasks, risks, assessments, and processes, and maintain a complete audit trail of all responsibility changes. Role-based access controls ensure each team member can only access the areas relevant to their role — supporting both operational security and GDPR accountability across your organization.

Who Is This For?

  • Administrators managing user access, permissions, and team member onboarding and offboarding

  • Compliance managers assigning and tracking responsibilities across teams and departments

  • Privacy officers ensuring proper accountability structures are in place and documented for regulatory purposes

Accessing the Members Module

From the left sidebar in the Governance Solution, click Members. The main view displays all team members with their role, department, and current involvement across processes, tasks, risks, and impact assessments.

Adding a Team Member

Step 1: Click + Add Member

Click the + Add Member button in the top-right corner of the Members view.

Step 2: Enter member details

Enter the team member's email address. They will receive an invitation to join the organization on the Governance Solution platform.

Step 3: Assign a role

Select the appropriate role based on the team member's responsibilities and the level of access they require:

| Role | Access Level |
|------|--------------|
| Owner | Full access to all modules, settings, and user management — typically assigned to the primary account administrator |
| Admin | Full access to all compliance modules — cannot manage organization-level settings or billing |
| Member | Access limited to items and modules specifically assigned to them — suitable for team members with defined, scoped responsibilities |

Role-Based Access Control

Role assignments in the Members module directly govern what each team member can view and edit across the Governance Solution. Following the principle of least privilege — granting only the access each person needs for their role — reduces the risk of unauthorized changes to compliance records and supports GDPR data minimization principles as applied to internal system access.

Member Involvement Tracking

The Members table provides an at-a-glance view of each team member's current compliance responsibilities across the platform:

  • Processes: Number of processing activities they own or are involved in within the Process Register

  • Tasks: Number of compliance tasks currently assigned to them in Task Management

  • Risks: Number of risk register entries they are responsible for in Risk Management

  • Impact Assessments: Number of DPIAs or other assessments they participate in

Click on any team member to view the full details of their assignments and ownership across all modules.

Filtering and Exporting

Use the search bar to find members by name or email address. Apply Filters to narrow the view by role or department. Click Export to download the full member list for audit documentation, HR reporting, or access review purposes.

Compliance Accountability Audit Trail

The platform automatically tracks all member-related actions with timestamps — providing a complete, chronological record of who was responsible for what at any point in time:

  • When a member was added to or removed from the organization

  • Role changes and permission updates

  • Task assignments, completions, and reassignments

  • Process and risk ownership changes

This audit trail directly supports GDPR accountability requirements under Article 5(2) — demonstrating that named individuals were responsible for specific compliance obligations at each point in your program's history.

Members Module Best Practices

Follow the principle of least privilege

Assign each team member only the role and access level they need to perform their compliance responsibilities. Avoid assigning Owner or Admin roles to members who only need task-level access — reducing the risk of accidental or unauthorized changes to compliance records.

Review member roles quarterly

Team responsibilities change frequently. A quarterly review of all member roles and assignments ensures access levels still reflect current job functions — and identifies any members who may need their access updated or removed.

Remove access promptly when team members leave

Departing team members should have their access removed immediately — and their open tasks, risks, and process ownerships reassigned to active team members. Unowned compliance items create accountability gaps that may not be visible until a regulatory audit.
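
An added example (not Secure Privacy's code) of the quarterly role review and leaver check described above, run over the exported member list. The CSV column names and the HR roster are assumptions, since the page does not document the export format, and the sample data is constructed.

```python
import csv
import io

# Constructed sample of a member-list export. The column names are assumptions;
# the page does not document the export format.
EXPORT_CSV = """email,role,department,processes,tasks,risks,impact_assessments
ana@example.com,Owner,Legal,4,2,1,1
ben@example.com,Admin,IT,0,0,0,0
cara@example.com,Member,HR,2,5,0,1
dev@example.com,Admin,Security,3,1,6,2
eli@example.com,Member,Sales,0,0,0,0
"""

# Constructed HR roster of current staff (assumption: keyed by email address).
ACTIVE_STAFF = {"ana@example.com", "ben@example.com", "cara@example.com", "eli@example.com"}

PRIVILEGED = {"Owner", "Admin"}
COUNTS = ("processes", "tasks", "risks", "impact_assessments")


def review_members(export_text, active_staff):
    """Return findings for a periodic access review of the exported member list."""
    findings = {"departed": [], "reassign": [], "privileged_idle": [], "idle": []}
    for row in csv.DictReader(io.StringIO(export_text)):
        email = row["email"].strip().lower()
        role = row["role"].strip()
        owned = sum(int(row[c] or 0) for c in COUNTS)
        if email not in active_staff:
            # Leaver still holds an account: remove access, then reassign items.
            findings["departed"].append(email)
            if owned:
                findings["reassign"].append((email, owned))
            continue
        if owned == 0:
            # No assignments: a privileged role is a least-privilege candidate.
            key = "privileged_idle" if role in PRIVILEGED else "idle"
            findings[key].append(email)
    return findings


if __name__ == "__main__":
    for kind, items in review_members(EXPORT_CSV, ACTIVE_STAFF).items():
        print(f"{kind}: {items}")
```

Entries under privileged_idle are candidates for review rather than automatic downgrades, since an Owner or Admin may administer the platform without owning any items.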

Use role-based workflow approvers

Configure approvers in Workflow & Automation by role rather than by named individual wherever possible. This ensures workflows continue functioning correctly when team members change roles or leave the organization — without requiring manual reconfiguration of approval chains.

Assign ownership to every item

Every process, system, risk, and task in the Governance Solution should have a clearly named owner. Unowned items reduce accountability, lower maturity scores across multiple dimensions, and create gaps that supervisory authorities may identify during regulatory inspections.

Next Steps

  • Assign team members as owners of processing activities in the Process Register

  • Set up and assign compliance tasks in Task Management to ensure clear accountability for all open actions

  • Configure role-based approvers in Workflow & Automation to future-proof your approval chains against team changes

Frequently Asked Questions

What happens to tasks and risks owned by a member when they are removed?

When a team member is removed from the organization, their tasks, risks, and process ownerships remain in the system but become unassigned. An administrator should reassign all open items to active team members promptly after removal to prevent accountability gaps and ensure compliance activities continue without interruption.

Can the same person hold multiple roles across different modules?

Each team member has a single platform role — Owner, Admin, or Member — that governs their access level across the Governance Solution. However, a single team member can be assigned ownership of multiple processes, tasks, risks, and assessments simultaneously, regardless of their platform role.

Is the member audit trail accessible to supervisory authorities?

The audit trail is an internal record within the Governance Solution. If required during a regulatory inspection, administrators can export member records and activity logs to demonstrate that named individuals held specific compliance responsibilities at particular points in time — supporting GDPR accountability documentation under Article 5(2).
