GRC Attestation

ruzbehv
Mega Guru

OOB we are seeing the attestations being sent per control per ‘Assigned To’ user. This behavior is causing a lot of overhead for our end users.

For example, if we have 20 Policy Statements with 10 Profiles this will generate 200 controls. Each of these controls will need to be attested. If we have 10 profile owners, they will be required to individually go and click “View Attestation” 20 times.

We need attestations grouped per profile rather than per control. This will save the ‘Assigned To’ user the time of having to click through multiple attestations.

Does anyone have any suggestions?

1 ACCEPTED SOLUTION

G Balaji
Kilo Guru

You could consider the following design:

The attestation questionnaire is basically metrics. You could put all the attestation questions in one attestation type, where respondents will complete the attestation in one form. Further, you'll have to write script includes or business rules which will map these answers to the attestation types of the other controls, moving the respective controls to the review state with compliant status based on the answers to their respective questions.

Hope this helps.

Hi Balaji,

This sounds like a good plan. 

But with Vendor Risk Management, we can do this already. It has questionnaires as a single assessment, and based on the response to each question, related controls are evaluated.

From an end user experience, this design looks better than what we have in GRC.

Thanks,
Ashik

ashishkg
Tera Contributor

@Ashik have you implemented this in the Vendor Risk Management module? I am also looking for an idea to evaluate multiple controls by responding to a single attestation questionnaire.