Note: You’ll need to be an Organisation Administrator to perform these actions.

Every user in ISMS.online has a preferences page where they can manage personal settings. As an administrator, you can also access and update other users’ preferences to ensure their details, roles, and access rights are configured correctly.

Accessing a Preferences Page

To access your own preferences:

  1. Click your name in the top-right corner of ISMS.online.
  2. Select My Preferences.

To access another user’s preferences (admins only):

  1. Click your name in the top-right corner and select Organisation Settings.
  2. Go to the Registered Users tab.
  3. Find the user you want to manage and click their name.
  4. Select the Preferences tab.

What Can Be Edited in User Preferences?

Users can update their own:

  • Password
  • Email address
  • First and last name
  • Email notification preferences
  • Time zone and date format

Organisation Administrators can also:

  • Change the organisation a user belongs to
  • Add or remove platform roles
  • Add or remove permissions
  • Add new team memberships for work areas

Roles and Permissions

Platform Roles

These roles define a user’s level of access across the entire ISMS.online organisation:

  • ISMS.online Organisation Administrator
     Full admin rights including creating, managing, and deactivating users, editing the organisation profile, and requesting security setting changes.
  • ISMS.online Regular User
     Standard access to the platform.
  • ISMS.online Occasional User
    View-only access to work areas, without the ability to create new areas.

Note: Platform roles are different from work area roles. To manage access within specific work areas, use the Teams page.

Overview Permissions (Accounts Areas)

If your organisation uses Accounts areas, you can assign these permissions:

  • No Additional Rights – Access only to work areas they’re teamed into.
  • Access – View all Accounts areas and contribute (e.g., add tasks, notes, documents).
  • Administer – Full administration of all Accounts areas, including team management and deletion.


Time Zone and Date Format

These settings can be customised per user and will override the organisation-wide defaults.

For organisation-wide time zone settings, see our guide to Editing Organisation Settings

Team Memberships

Administrators can add users to any work areas they have rights to administer:

  • View all work areas you can manage.
  • Assign a team membership level: Read-only, Contribute, Administer, or Approval.

Note: To remove team memberships, you’ll need to manage this directly within the specific work area.



Work Area Roles Explained

Read-only

  • View all content (activities, structure, documents, discussions, notes, KPIs, etc.).
  • Cannot edit, upload, or delete content, or change settings.

Contribute

  • Create and edit content they own (documents, discussions, to-dos, KPIs, notes).
  • Link projects, add readings, and mark assigned activities as complete.
  • Can modify project structure or add team members (if project settings allow).

Administer

  • Full control over the work area, including settings, team management, and deletion.
  • Can edit or delete any content, and grant/revoke Administer or Approval rights.

Approval

  • Approve or decline activities when marked as complete by team members.

This flexible structure ensures users have the right level of access to contribute effectively while maintaining security and control.