Thoropass offers self-service content management, giving users the ability to create, edit, and delete custom content. The capabilities of self-service content management will consistently expand with future releases.
⚡Thoropass's default content can not be deleted. This includes our core list of Unified Controls, controls for our supported frameworks like SOC 2 or ISO 27001, and our action items.
Which Content Can Be Modified?
What are Unified Controls?
Unified Controls are the way you view controls in Thoropass in modules like Roadmap or Controls. Your framework-specific controls, such a controls from a framework like SOC 2 and ISO 27001, are rolled up together into the appropriate Unified Control for your convenience.
Although most of your Unified Controls will come from Thoropass's core list, you can also create custom Unified Controls. At this time, custom Unified Controls can't be associated with existing frameworks, action items, or automations.
To learn more about Unified Controls, see Understanding Unified Controls.
Thoropass Unified Controls
You can edit Thoropass Unified Controls.
If you do edit one of Thoropass's core Unified Controls, we'll retain the original name and description in case you need to reference or revert back to them.
This can be done by users with the role: Account Admin, Admin, Contributor, or Risk Owner.
Custom Unified Controls
You can create and edit custom Unified Controls.
To learn more about custom Unified Controls, including their limitations and how to create them, see User-Created Custom Unified Controls.
Custom Framework Controls
You can edit and delete custom framework controls.
Editing can be done by users with the role: Account Admin, Admin, Contributor, or Risk Owner.
Deletion can only be done by users with the role: Account Admin, or Admin.
Custom Action Items
You can create, edit, and delete custom action items.
This can be done by users with the role: Account Admin, Admin, Contributor, or Audit Contributor.