Security Compliance
Overview
The Security Compliance Module is an essential component of our Software-as-a-Service (SaaS) CISO Workplace™, meticulously crafted to ensure organizational compliance with pertinent regulations, laws, and standards concerning data security. It facilitates the identification, evaluation, and management of information security risks while enforcing robust security measures to safeguard sensitive data.
Key Features:
- Comprehensive Framework Adherence: Our module allows adherence to multiple security compliance frameworks such as ISO 27001, NIST, PCI DSS, and AICPA TSC 2017 (SOC 2), offering adaptability across diverse industries and regions, thereby streamlining efforts and reducing administrative overhead.
- Compliance Status Tracking: Real-time tracking of compliance status and regulatory progress ensures transparency and accountability throughout the compliance journey.
- Efficient Documentation: Users can efficiently collect, organize, and document evidence for compliance audits, simplifying the audit process and ensuring readiness.
User Manual
Adding a Framework:
- To add a new framework or standard, navigate to “Manage Compliance”.
- Click on “Add New Framework”.
- In the search box, type the desired framework, e.g., ISO 27001 v2022, and click “View More”.
- Click “Add Standard” to proceed.
- After adding the framework, set the Compliance Timeline, comprising four phases: Organizational Mapping, Gap Analysis, Remediation Plan, and Assessment. Adjust the start and end dates for each phase as needed. Click "Update" to save changes or select "MAYBE LATER" to add the timeline later.
- The added framework will reflect in the Dashboard along with the Timeline.
- To view the entire compliance timeline, click the highlighted framework name on the right portion.
- Customize the view by setting it to day, week, or month, and toggle the "Show Task List" accordingly.
Manage Framework:
- The framework dashboard will display.
* Click the icon next to the section number to reveal tasks.
* Assign tasks by selecting an assignee from the dropdown list.
* Update task status by selecting from the dropdown list.
* Audit Status column is updated by auditors only.
* The progress bar reflects the current status set in the “Status” column.
* Sub-sections and their details are displayed on the right side.
- To add attachments/evidence, return to “Manage Compliance”.
- Click “Upload a Document” on the right portion.
- Select Files, choose the desired files, and click “Upload”.
- To add evidence for each sub-section, navigate to the “Attachments” tab and click “Add Evidence for this Sub-section”.
- Select the file as evidence and click “Select File”.
- The added evidence will be displayed.
- Preview uploaded files by clicking “VIEW FILE” and add comments as necessary.