It would be great to see more flexibility in how user roles are managed in the Secfix platform. Right now, there are only two options — Admin and Employee — which creates friction when trying to delegate responsibilities across the ISMS without giving full access.
For example, I want to assign HR-related evidence tasks to our HR lead, but they can't upload or manage evidence unless we promote them to Admin. This doesn’t scale well and poses unnecessary access risks. A few role types we’d love to see:
  • Evidence Contributor: Can upload and manage assigned evidence
  • Risk Owner: Can view and manage risks they are assigned to
  • Auditor (View-only): Read-only access for external or internal stakeholders
  • Vendor / Contract Owner
  • Human Resources Compliance
  • Inventory Management
More granular roles would help us distribute ownership more efficiently and keep responsibility aligned with actual roles within our organization — without compromising security or overwhelming users with unnecessary access.
Created by Max Vogt