Ankos
Ankos Ledger

Team and roles

Invite teammates to your Ankos workspace, assign roles, and pre-assign entries to owners across your organization.

Ankos is built for a team. Infrastructure owners collect AWS evidence, policy owners assemble docs, compliance owners review and sign off — all in the same ledger.

The three roles

RoleCan do
AdminManage the team, create/archive cycles, configure categories, sign off any entry, export evidence packages, manage billing and API keys.
EditorUpload evidence, update ledger entries, sign off entries they own or are assigned, run CLI scans.
ViewerView the compliance ledger and dashboard. No state changes, no uploads, no sign-off.

Every workspace has at least one admin — the person who signed up. Admins can promote editors to admin or demote admins to editor. The last admin cannot demote themselves.

Inviting teammates

From the onboarding wizard

Questions 5 and 6 of the onboarding wizard invite the infrastructure and policy owners as editors and pre-assign them entries by category.

From the Team page

Go to Team → Invite member, enter an email, and choose a role. The invitee receives a branded invite email with:

  • Who invited them (your display name)
  • Their role and what it lets them do
  • A direct Accept link that expires in 7 days
  • A Reply-To set to your email, so they can ask you questions directly

The invite link is shown briefly in a success toast when you create the invite, and is also recoverable at any time. If you need to share the link manually (via Slack, DM, or because the email got caught in a spam filter), click Copy link next to the pending invite on the Team page. The link is copied to your clipboard; admins can do this any number of times — every retrieval is captured in the audit trail.

Invite states

Pending invites show up on the Team page until accepted. An invite is consumed the first time the recipient clicks Accept and signs up with that email. Expired invites can be re-sent.

Assigning entries

Every entry has an owner field. Assignment is how you distribute the workload across your team.

  • Owners get assignment emails when entries are assigned to them (can be muted in Settings).
  • The dashboard shows a per-owner breakdown so leads can see where work is stuck.
  • Editors can only sign off entries they own (admins can sign off anything).

Bulk-assign from the cycle detail page by selecting a whole category and picking an owner.

Removing members

Admins can remove a team member from Team → [member] → Remove. Their entry assignments become unassigned. The member loses access to the workspace immediately, but the audit trail (who uploaded what, who signed off what) is preserved.

Next steps

Settings

Profile, notifications, and API keys.

Dashboard

Progress by owner, category, and priority.

Sign-off

Sign-off is the readiness gate — the explicit signal that a reviewer has looked at an entry's evidence and considers it ready for QSA review. Independent of state.

Evidence Readiness Dashboard

Track progress across your current cycle — readiness percentage, state breakdown, owner workload, and Priority 1 items.

On this page

The three rolesInviting teammatesFrom the onboarding wizardFrom the Team pageInvite statesAssigning entriesRemoving membersNext steps