09-02-2024 06:01 PM
Hi,
I'm trying to create a small demo for attaching automated evidence generated from a third party application for GRC controls. These evidences are not PDFs or other documents but findings (records) from Azure and AWS security tools.
For ex:
Control Objective - To check if AWS access keys are rotated within the number of days specified.
Entities - AWS Users
Controls - One control per AWS user.
I would be fetching AWS findings (as REST API json records - 1 record per user) and storing these records in a custom table.
To determine compliance, I want to configure an indicator template with the METHOD as 'BASIC' and specify the supporting data as this custom table and the condition which would check for the entity's (i.e. IAM user's) access key rotation status from the table.
The control (as each control is for one user) is 100% compliant if the user's access key is rotated and 0% compliant if his access keys were not rotated (as per the latest finding).
However, the BASIC method has fields like Target Type, Target and Result if the value meets or exceeds the target value. What are they for and how should I use them in my scenario? The 'Specify supporting data' window too shows fields like Sample collection type and Sample Size.
Any explanation, video reference or article is highly appreciated.
Thanks,
Krithika
01-01-2025 01:55 AM
Hi Krithika,
The 'target type', 'target' and 'result if the value meets or exceeds the target value' fields are there to determine whether the indicator is to be turned into PASSED or FAILED.
The Percentage option can be selected if the indicator pass result is to be driven using a percentage and the supporting data table contains a whole number of records and the basic criteria will give a satisfying result.
Percentage = (Total number of records that meet the Basic Criteria / Total number of records in the Supporting Data Table) * 100
The Count option can be selected if the indicator pass result is to be driven using a count and the supporting data table contains a whole number of records and the basic criteria will give a satisfying result.
In your case, we need to see how each record in the supporting table is giving the result (is there any basic criteria that defines the qualifying criteria?)
The Target option is to be updated as the threshold limit that defines the passed/failed status of the indicator. In your case, it can be set to 100% if the records are available for percentage AND can be set to 1 if it is configured as Count (assuming that 0 records means that the access key is not rotated).
The next field, 'Result if the value meets or exceeds the target value', can be set to PASS or FAILED based on your expectation, and in your case you can set it to PASSED.
Since indicators always show the current status, if you need to see the previous run status response, we need to enable Specify Supporting Data. In that case, every time the indicator is executed, it will capture the results, and the supporting data (which was available from the supporting data table) will be captured as a reference.
I am happy to assist you through a show for more clarification.
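A plain-JavaScript model of the Percentage/Count evaluation described in the answer above, added here as an illustration; it is not ServiceNow code and not from either poster. The field names (`user`, `collected`, `key_rotated`), the helper names, the sample rows and the treatment of an empty table as 0% are assumptions.

```javascript
// Constructed sample rows standing in for the custom table: one finding per
// IAM user per collection run. Field names are assumptions for illustration.
const findings = [
  { user: "alice", collected: "2024-09-01T00:00:00Z", key_rotated: false },
  { user: "alice", collected: "2024-09-02T00:00:00Z", key_rotated: true },
  { user: "bob",   collected: "2024-09-02T00:00:00Z", key_rotated: false },
];

// Supporting-data filter: keep only the newest finding for one entity,
// mirroring "as per the latest finding" in the question.
function latestFor(rows, user) {
  return rows
    .filter((r) => r.user === user)
    .sort((a, b) => Date.parse(b.collected) - Date.parse(a.collected))
    .slice(0, 1);
}

// Model of the pass/fail decision from the answer.
// targetType: "percentage" or "count"; resultIfMet: "PASSED" or "FAILED".
function evaluateIndicator(supporting, criteria, targetType, target, resultIfMet) {
  const matching = supporting.filter(criteria).length;
  const total = supporting.length;
  // Assumption: no supporting records counts as 0% (no division by zero),
  // matching the answer's "0 records means the access key is not rotated".
  const value =
    targetType === "percentage"
      ? (total === 0 ? 0 : (matching / total) * 100)
      : matching;
  const other = resultIfMet === "PASSED" ? "FAILED" : "PASSED";
  return { value, result: value >= target ? resultIfMet : other };
}

const rotated = (r) => r.key_rotated === true; // the "basic criteria"

// One control per user, Percentage with target 100, PASSED when met.
function controlStatus(user) {
  return evaluateIndicator(latestFor(findings, user), rotated, "percentage", 100, "PASSED");
}

console.log(controlStatus("alice"), controlStatus("bob"), controlStatus("carol"));
```

If the supporting data is not narrowed to the latest finding, Count with target 1 passes as soon as any one historical row matches, while Percentage with target 100 fails on the same rows.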