Skip to Main Content
Cyber GRC Ideas Portal
ADD A NEW IDEA

All ideas

Showing 34

NIST CSF v1.1 Assessment and Reporting Capabilities

Raiffeisen Schweiz Genossenschaft (one of our customers) was looking for NIST CSF (CyberSecurity Framework) v1.1 assessment & reporting capabilities in the tool. Based on the discussions with the customer, we realize that the below are gaps. ...
Guest over 2 years ago in IT and Cyber Compliance 1 Pending Roadmap Inclusion

Enhance IT Risk Assessment report

Currently: IT Risk Assessment is not user friendly and users can't find out the overall ALE's as per date. Expected: Report should include fields like, Assessment Data, On Assessment candidate, Any Threat and Vulnerabilities, Factors of Assessment...
Guest about 3 years ago in IT and Cyber Risk 0 Pending Roadmap Inclusion

BMC Helix Adapter Development to connect with BMC Helix Asset Data

Hi, We have to build BMC Helix connector to bring/ pull Asset data from BMC Helix tool and load it into our IT Risk & Compliance platform. After data loading, the user may map the assets with their existing Risk in our platform.
Guest almost 2 years ago in IT and Cyber Risk 1 Pending Roadmap Inclusion

Ability to disable owner notifications when UCF data is imported into metricstream.

Expedia is looking for an option to disable the owner notifications in Create Library objects from Authority documents form. Currently they are receiving more than 4000 notifications when UCF data is imported into MetricStream.
Guest 11 months ago in IT and Cyber Compliance 0 Pending Roadmap Inclusion

INHERENT/RESIDUAL RISKS BREAKDOWN BY CATEGORY - Risk Rating should be in sorted order

Users wants the risk Rating for the Inherent Risks/Residual Risks Breakdown by Category Report to be in logical order like : Report to be: Low, Moderate, High, and Very High. Currently, in the MSU system Sorting is applied in alphabetical order. P...
Guest about 1 year ago in IT and Cyber Risk 0 Pending Roadmap Inclusion

Ability to View details of GRC objects imported and import status

Hi, Team, Currently, there is no ability for a user to view details of the UCF records that were imported and by which UCF content manager Due to this there is no trail for a Control owner to know who imported the controls on their behalf. Can we ...
Guest over 1 year ago in IT and Cyber Compliance 0 Pending Roadmap Inclusion

Ability to map Vulnerability Record from QualysGuard to MetricStream Asset Library based on Composite Key not just IPV4 Address

In case Dynamic IP Address scenarios the assets in a customer network are reused and assigned Dynamically. Based on this scanners like QualysGuard when they capture the Vulnerability and later send it to MetricStream via the connector based integr...
Guest over 1 year ago in IT and Cyber Risk 0 Pending Roadmap Inclusion

Ability to reopen the completed assessment or a feature to copy the previous assessment result (including the controls and residual ratings)

Assuming a scenario where a specific assessable entity has 25 risks associated and the risk assessment is completed. After few days, the same assessable entity needs to be reassessed where in the 24 out of 25 risks is unchanged and only one risk h...
Guest about 7 years ago in IT and Cyber Risk 0 Pending Roadmap Inclusion

No provision to find Vulnerability Ageing

Adding Vilnerability Ageing to the Rule Wizard and Calculate & Fetch the First Identified Date and Last Scanned date from tenable-to configure the automation for items that are not compliant as per the risk appetite Customer use Tenable ...
Guest about 5 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion

CMDB connector - Provide configuration to restrict data

Product should have configuration option to restrict data as per need. Ideally we should have configuration which should allow to define rule(s) so we can restrict data consumption as per need. Currently CMDB connector pulls anything/everything fr...
Guest almost 3 years ago in IT and Cyber Risk 0 Pending Roadmap Inclusion