Members and roles
Members belong to an organization and receive a role. Keep roles aligned with actual duties, not seniority alone. A small team may start with one administrator, one or two reviewers, and reporters who can submit incidents.
- Org admin: Manages organization configuration and sensitive workflow settings.
- Reviewer: Reviews and moderates incident submissions.
- Reporter: Submits incidents and contributes operational updates.
- Viewer: Reads permitted incident records without managing workflows.
Mapped sites
Mapped sites provide known coordinates for reporting and dashboard map placement. Add campuses, common event locations, or other operationally relevant places. Use labels that reporters will recognize quickly during an incident.
Accurate mapped sites improve the incident map. They also reduce location ambiguity in reports and review decisions.
Notification defaults
Organization notification defaults define the baseline alert policy for incident events. They should be reviewed before inviting a large reporting group. Personal account preferences can layer on top of organization defaults, but organization defaults should reflect the leadership team's operating posture.
Policy thresholds
Policy thresholds decide which role is required to manage members, request partners, change organization settings, and update notification defaults. These thresholds are important because they turn trust into explicit permission rather than assumptions.
- Use the lowest role only when the task truly needs broad delegation.
- Keep partner requests restricted to people who understand the organization's trust posture.
- Review policy thresholds after leadership or security team changes.
Organization profile
The organization profile contains the public-facing name, region, status, billing state, and plan context shown inside the workspace. Keep the profile current so trusted partners and team members can identify the organization accurately.