User groups make it easier to manage security and compliance tasks across departments, roles, or teams. By assigning users to specific groups you can:
Simplify Task Assignment: Assign relevant tasks to specific groups instead of individuals, ensuring the right people are responsible for critical compliance tasks.
Enhance Security: Limit access to sensitive information by ensuring only relevant groups have permissions to certain tasks or policies.
Track Compliance Progress: Easily monitor the progress of each group in completing their security and compliance responsibilities.
Creating groups in Secfix
Step 1
You can create groups by going to Group Settings in the People section.
By default, all users are in the Default Group.
β
Step 2
Click Create new group and add a name.
π‘ Give your group a clear and descriptive name that reflects its purpose. You can group your employees by department (e.g. Engineering, Finance, Sales, Marketing, HR) or by employment type (e.g. full-time, part-time, external, contractors). Below you'll find best practices on setting up groups.
Step 3
Toggle on or off the security compliance tasks applicable to each group, such as:
Install the Secfix Agent
Complete Security Awareness Training
Complete GDPR Training (available if you've purchased the GDPR framework)
Read and accept policies (this will be available once you have uploaded your policies onto our platform)
π‘ Each group should have specific security compliance tasks they need to complete. βCheck out best practices on how to assign security compliance tasks to employees.
How to manage and edit groups
After creating your user groups, you can manage them by navigating back to Group Settings.
From here, you can:
Rename group: Edit the name group in case it has changed
Change group settings: Update security compliance tasks from each group in case you've had some organizational changes
Delete group: Delete groups that are no longer needed. Deleting a group will remove related task assignments but will not affect individual user accounts
Best practices for creating and managing groups
We recommend creating groups based on your company structure and needs. Here are some recommendations of how companies create groups in Secfix.
Based on department
π‘ Recommended for companies with more than 50 employees.
Default
Engineering
HR
Finance
Sales
Marketing
Contractors
External (e.g. advisors, investors)
Based on employment type
π‘ Recommended for companies with less than 50 employees.
Full-time employees
Part-time employees
Contractors
External (e.g. advisors, investors)
Additionally, we recommend that you also add the following groups:
ISMS Governance Council: This group is in line with POL-03 and will be responsible for the ISMS implementation in your company
In Leave: There are some employees that might be in parternity leave and are currently not working. We recommend adding a group so it doesn't hinder your compliance status and once they come back, they can be reassigned to another group.
π‘ For contractors and external groups, it is not mandatory to install the Secfix agent in case they use their private devices although we highly recommend it. Some contractors might want to opt out of this. We recommend checking our Secfix Agent FAQs on how to deal with this.
Assigning Employees to Groups
Now that you've created the groups, you can start assigning employees to each group in the Employees section. In the Group column update the group for each employee.
Next steps