Cirrus Hidden Gems: Role-Based Access Control

Share via:

Hierarchies, Roles and Role-Based Access Control (RBAC) are some of Cirrus’ most powerful features. Perhaps not our sexiest, but trust us, they have the potential to make your life a whole lot easier! 

As you well know, organising assessments is a complicated process that involves many different collaborators – each with different knowledge and responsibilities. Depending on your organisation’s set-up, your e-assessment admin must juggle assessment coordinators, item developers and reviewers, subject matter experts, invigilators, markers, marking reviewers and last but not least, the candidates. All these people with different roles and responsibilities need to use your e-assessment platform at some point. However, unrestricted access to your e-assessment platform can lead to several potential issues, including data security risks (both exam data and sensitive private data) and unintentional errors, not to mention compliance and accountability problems. 

So how can you collaborate with all the stakeholders in your assessment process safely and securely? You guessed it, with hierarchies and roles, and Role-Based Access Control. 

What are hierarchies, roles and RBAC?

In RBAC (Role-Based Access Control), roles and hierarchies work together to provide a structured approach to access control, allowing for efficient assignment and management of user permissions based on their roles and the hierarchical relationships between those roles.


Hierarchies in RBAC represent the relationships between roles. They define the hierarchical structure of roles within an organisation and can be used to establish inheritance or precedence relationships between roles, allowing higher-level roles to inherit permissions from lower-level roles.

This simplifies role assignment and management by allowing roles at higher levels to automatically have access to the permissions of lower-level roles. The best thing about hierarchies in the Cirrus platform is that they are fully flexible and customisable to your specific needs.

That means you can define your own custom groups and assign users as needed to define their access. For example, you might create sub-units of your organisation as follows: 

And so on… Users assigned to each hierarchy will automatically inherit the permissions and access associated with that hierarchy (and any settings you have specified for their Role and/or Profile). 

Cirrus hierarchies are an exceptionally powerful tool to:

  1. Set up your users’ access according to your specific organisational needs. 
  2. Simplify user management, offering clear insight into which permissions each user has.
  3. Save time and streamline your workflows. 
  4. Find users based on their permissions. 


Roles, on the other hand, are used to categorise users based on their responsibilities, job functions, or access requirements within an organisation or system. They define a set of permissions or privileges that are associated with specific tasks or functional areas. Users are assigned one or more roles that determine their authorised actions within the system.

In Cirrus, they  provide access permissions at three levels: Site Roles, Collection Roles, and Assessment Roles.

  • Site Roles define permissions at the environment level, allowing users to perform specific tasks within the Cirrus platform.
  • Collection Roles facilitate collaboration and workflow within collections, granting different permissions to co-workers for item review and approval.
  • Assessment Roles serve the same purpose as Collection Roles but are specific to assessment creation and quality assurance.

Furthermore, certain site roles enable features like logging in as another user or limiting access to specific reports. 

What’s so powerful about these Cirrus roles is that they give you complete, granular control over your users’ privileges: To ensure that they have the appropriate access to and control over tasks and data within the platform. For example, you might: 

  • Share your item bank with external item developers, but restrict their access to topics and items they are actively working on;
  • Divide the marking workload safely by giving internal and external markers only access to certain items;
  • Let some individuals create or modify files while providing others with viewing permission only, and so on.

The benefits of Role-Based Access Control

So how do Hierarchies and Roles make your life easier? RBAC provides numerous benefits for e-assessment platform  admins. Here are some key advantages:

Access Control & Exam Security 

Cirrus RBAC enables admins to enforce appropriate permissions and prevent unauthorised access. It ensures that users are granted access only to the resources and functionalities necessary for their roles, enhancing exam security and confidentiality. Restricting exposure to your item banks to the absolute minimum goes a long way toward keeping your exams secure. 

User Management

RBAC streamlines user onboarding, updates, and removal processes. Admins can easily assign roles and permissions to new users, update existing user profiles, and swiftly remove access when needed. This simplifies user administration and reduces administrative overhead.

Workflow Optimisation

By establishing clear responsibilities and role-based access, RBAC helps streamline collaboration within the e-assessment platform. Admins can assign specific roles to individuals or teams in Cirrus, ensuring that tasks are efficiently distributed, and everyone knows their responsibilities. This fosters productivity and reduces confusion.


Cirrus RBAC allows admins to create custom roles tailored to the specific needs of their organisation. You can define roles based on the responsibilities and access requirements of different user groups. This flexibility ensures that access control aligns precisely with your organisational structure and operational requirements.

Data Organisation

Admins can efficiently filter, search, and group users based on their roles and units. In other words, they always have a clear overview of which permissions each user has. This is especially important in organisations with many users with different job functions, all requiring different types of access privileges. 


RBAC is particularly beneficial for managing larger user populations and complex operations. As your organisation expands, RBAC provides a scalable approach to handle increasing user numbers. Admins can efficiently assign roles and permissions to a growing user base without compromising security or creating administrative bottlenecks.

Overall, Cirrus RBAC empowers you to maintain strong access control, streamline user management, optimise workflows, customise roles, organise data effectively, and scale operations as your organisation grows.

How does it work in Cirrus?

For more information about roles and hierarchies in Cirrus, please refer to our Knowledge Base: 

How to get started

Keen to take advantage of RBAC to keep your exam content secure, streamline your workflows and scale your organisation? Roles and Hierarchies are freely available for all Cirrus users. However, we do recommend you contact your Cirrus consultant for advice on setting up your custom hierarchies as efficiently as possible. 

Share via:
Picture of Mathijs Urbanus
Mathijs Urbanus
Mathijs heads up Cirrus' Customer Support Team. With his technical expertise and experience helping our diverse customers get the most out of Cirrus, he knows the platform like no other.
Would you like to receive Cirrus news directly in your inbox?
More posts in Cirrus Tips

Curious about all things e-assessment?

As Cirrus looks to the future, we are excited to bring you the latest news, trends, and useful information about the industry.


Subscribe to the monthly Cirrus Examiner to join our ever-growing community of people passionate about the unbridled potential of EdTech.