Assigning monitor stewards

Assigning stewards to a discovery monitor scopes the day-to-day discovery work — promoting staged resources, approving classifications, working the Action Center — to a specific set of users without granting them control over the monitor's configuration.

This guide covers the two ways to assign stewards on the monitor configuration form: enabling system steward inheritance and adding explicit stewards. For the underlying model, see Monitor stewardship.

Monitor stewardship requires Fides Cloud or Fides Enterprise.

Prerequisites

A configured integration with at least one monitor. See Data Monitoring to create one.
Users with a role eligible to be assigned as a steward (Owner, Contributor, Data Steward, Viewer, or Viewer + Approver). See Role-based access control.
For inherited stewardship: the integration must be linked to a System, and that System must have data stewards assigned.

Inherit stewards from the linked system

Inheritance is the recommended default. It keeps the people who own a System in sync with the people who review its discovered data, so you don't have to maintain two separate lists.

Open the monitor's configuration form (Integrations → <integration> → <monitor> → Configure, or use Add Monitor when creating a new one).
Locate the Inherit system stewards toggle.
Leave it on (the default for new monitors). Every current data steward of the linked System will be a steward of the monitor.

Fides keeps the inherited set up to date automatically. If you add or remove a data steward on the linked System, the monitor's inherited stewards change to match. If you re-link the integration to a different System, the inherited set is recomputed against the new System.

To stop inheriting, switch the toggle off and save. Inherited stewards are removed from the monitor; any explicit stewards you have assigned are unaffected.

Add explicit stewards

Use explicit stewards to assign someone who is not (or should not be) a steward of the linked System — for example, a privacy analyst who reviews discovery results for one specific datastore but does not own the System overall.

On the monitor configuration form, locate the Monitor Stewards field.
Pick one or more users from the list. The list includes any user whose role is eligible to be a monitor steward.
Save the monitor.

Explicit stewards are managed by hand and are never modified by inheritance. Removing a user from the Monitor Stewards field removes only their explicit assignment — if the same user is also an inherited steward, they remain a steward via that path.

Combining explicit and inherited stewardship

The two sources are independent. A user can be both an explicit steward and an inherited steward of the same monitor at the same time, and the two assignments are tracked separately. This lets you:

Keep inheritance on for everyday governance, and add a small number of explicit stewards for monitor-specific reviewers.
Disable inheritance entirely on a sensitive monitor and curate the steward list by hand.
Pre-assign an explicit steward whose System-steward status is not yet finalized, without losing the assignment when their System role changes.

What stewards can and can't do

Monitor stewards can act on the monitor's results — see Decisioning Staged Resources in the Action Center guide.

Monitor stewards cannot modify the monitor's configuration: they cannot change its schedule, its classification parameters, its integration, or its steward assignments, and they cannot delete the monitor. Those actions still require a user with broader permissions.

For the full breakdown, see Monitor stewardship.

Monitor stewardship — concept
System stewardship — source of inherited stewards
Data Monitoring — the broader monitor configuration workflow

Data Monitoring Action Center (Helios)