Understanding application permissions

The following table describes the various features supported by Risk Register and the permissions required to use those features.

Feature	Permission(s) required
View application settings	Global administrator
Change application settings	Global administrator
Add and change risk models	Global administrator
Create a project-based risk register	Create risk registers AND (Global administrator OR Project administrator OR Browse projects) To create a new project and a new risk register based on that project, the user must be a Jira administrator.
Create a filter-based risk register	Create risk registers AND permission to access the specified filter
Create a multi-project risk register	N/A. This feature is no longer supported, having been replaced by filter-based risk registers.
View the list of risk registers	Anybody. Risk registers will appear in the risk register list if the user has permissions as follows: For project-based risk registers, the user must be a global administrator, a project administrator, or have Browse projects permission. For filter-based risk registers, the user must be able to view the specified filter. For multi-project risk registers, the user must be a global administrator or have permission to administer or browse all of the included projects.
Delete a risk register	Global administrator OR administrator of the risk register
View risk register settings	Global administrator OR administrator of the risk register
Change risk register settings	Global administrator OR Risk register administrator. Note that the settings of multi-project risk registers cannot be changed.
Add risk assessments to issues	Edit issues (project permission)
Change risk assessments	Edit issues (project permission)
Remove risk assessments	Edit issues (project permission)

An expired license will still allow users to view risks and risk registers, but will not allow changes to settings, risk registers, nor risk assessments.