Establish clear-cut ownership for all your passwords. By default, the one who adds a particular password becomes the owner of that password. Unless shared, the owner alone will be able to access the password and no one else will be able to see that password. Thus, access to the sensitive passwords is effectively controlled.
In the event of one of the users leaving the organization, you can transfer the secrets owned by that person to some other administrator. The provision for transfer of ownership also comes in handy when one administrator adds all the secrets to Zoho Vault and later allots them to other users based on their job profile.
Assign roles to your users and establish fine-grained access controls. Zoho Vault comes with three pre-defined roles - Super Admin, Admin and User. The administrator of the organization is designated as 'Super Admin', who will have the privilege to invite other users to join Zoho Vault and also make any user as 'Admin'. These privileges are exclusive to 'Super Admin'. Users designated as 'Admins' can serve as the administrator for Zoho Vault and carry out all admin operations listed under "Admin" tab, approve secret sharing requests from users and define password policy for the organization. Those with the role "Users" will not be able to perform the admin operations.