Organization Overview

An organization is the workspace boundary in Modulos. It defines who can access the platform, which shared libraries exist, and which defaults apply across projects.

What this is

Organizations let you scale governance without losing consistency:

• teams share the same language for risk and compliance
• leadership sees portfolio-level signals across projects
• changes are governed centrally while execution happens in projects

Where in Modulos

Most organization configuration is managed by organization admins, but viewable by regular members.

• Organization → Users to view members, invites, and roles
• Organization → Settings to view organization-wide defaults like currency and language

Organization-scoped configuration that impacts projects is documented in its feature areas:

• Risk quantification setup: Risk Operating Model
• Framework setup and mapping: Frameworks in Modulos

Who can do what

Permissions

• Organization Admins manage organization settings and user access.
• Organization Members can typically view organization settings and membership, but cannot change them.
• Organization Risk Managers maintain risk quantification structure across the organization, such as taxonomy and budgets, and support teams running quantification in projects.

Organization roles do not automatically grant project access. Project work is governed through project roles.

How it works

Organizations provide shared structure that projects build on:

• People: membership and organization roles
• Defaults: currency and language preferences used across the UI and exports
• Shared libraries: organization-level risk taxonomy and budgets used for risk quantification rollups
• Projects: where frameworks, controls, evidence, and quantification runs are executed

Organization as the shared layer

Organization

People

• Members
• Organization roles

Defaults

• Currency
• Language

Shared libraries

• Risk taxonomy
• Risk budgets
• Framework templates

applies to all projects

shared structure

Projects

Execution happens here

• Frameworks
• Controls
• Evidence
• Risk threats
• Quantification runs

Organizations define shared structure and defaults; projects are where governance work is executed.

Projects inherit organization defaults and rely on shared libraries for consistency, while still allowing project-specific scope and ownership.

How to use it

1

Confirm defaults

Set currency and language before scaling projects

2

Add the right people

Invite users and assign organization and project roles

3

Establish shared structure

Define risk quantification taxonomy and budgets at the organization level

4

Execute in projects

Apply frameworks, implement controls, attach evidence, and quantify risk threats

Important considerations

• Organization defaults matter most early; changing currency later does not retro-convert historical values.
• Separation of duties improves audit readiness: keep implementers and reviewers distinct where possible.
• If you can’t access an organization page, you likely don’t have the required organization role.

Related pages

Settings

Organization-wide defaults like currency and language

User Management

Invite users, assign roles, and enforce separation of duties

Portfolio Overview

Portfolio rollups and budgets for risk quantification

Operating Model

Where to do what in risk quantification and who can do it