Privacy resource roles and permissions

A resource role is a role that consists of resource permissions and applies to a resource and its children. For example, if you assign a resource role to a domain, it also applies to all assets in the domain. If you assign a resource role to a community, it also applies to all its subcommunities, domains and assets in the community. The purpose of resource roles is to grant resource permissions to users through a responsibility. For example, they determine which users can edit assets via the asset page or in a workflow.

The following table shows the out-of-the-box privacy-related resource roles.

For the list of resource roles that are available out of the box in Collibra Data Intelligence Platform, go to Resource roles.

Resource role Description

Business User

A user with responsibility over a domain, subject or process.
CISO A senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.

Data Protection Officer

 An enterprise security leadership role required by the General Data Protection Regulation (GDPR). This role is responsible for overseeing data protection strategy and implementation, to ensure compliance with the relevant regulations.

Data Steward

A role within an organization responsible for using an organization's data governance processes to ensure fitness of data elements—both the content and metadata. Data Stewards have a specialist role that incorporates processes, policies, guidelines, and responsibilities for administering organizations' entire data in compliance with policy and/or regulatory obligations. A Data Steward may share some responsibilities with a Data Custodian.

Privacy Steward

A role within an organization responsible for utilizing an organization's data governance processes to ensure compliance. Data Privacy Stewards have a specialist role that incorporates processes, policies, guidelines, and responsibilities for determining with which policy and/or regulatory privacy obligations organizations' data should comply.