Cyber GRC Ideas Portal
ADD A NEW IDEA

All ideas

Showing 35

Evidence Management Frequency

Adidas would like the Evidence Management (Project) to have a recurring Frequency - this can be useful for evidence that needs to be gathered once a quarter or once a year for example - they can then setup the project just once and the request rec...
Guest over 2 years ago in IT and Cyber Compliance 0 Pending Product Manager's Review

UCF content - tracking the data import process should improve

There should be an import status progress report The object levels should be added to Framework Referece object Imported Questions and Procedures should be mapped to the respective controls
Guest over 2 years ago in IT and Cyber Compliance 0 Pending Product Manager's Review

IT Risk Assessment form: Ability to show Question name as response filed header for free text columns

If there are more number of questions in assessment secion, when assessor click on response then customer need to know for which question, they need to provide response.
Guest over 2 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

UCF import status report is needed

When we import the ADs into GRC libraries a simple report on the import status (primary key as import id) is needed. The report should have both details and summary stats. Summary status can be around - no of controls, no of requirements, no of q&...
Guest almost 3 years ago in IT and Cyber Compliance 0 Pending Product Manager's Review

[Siemens Energy] Ongoing Migration of Risk Assessments

Ask - Siemens Energy Cyber Risk Team uses MetricStream Qualitative Risk Assessment approach as of now. Use Case - While the Cyber Risk Team uses our tool to perform risk assessment, they want to migrate risk assessments of different teams/subsidia...
Guest almost 3 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

[Siemens Energy] Segregation of risks, corresponding risk assessment plans, risk assessments, issues/actions between Cyber Risk and Business Risk

Ask - Segregation of risks, corresponding risk assessment plans, risk assessments, issues/actions between Cyber Risk and Business Risk. In customer words - separate the data visibility between RIC and CYS. Use Case - There are two teams in Siemens...
Guest almost 3 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

Set up Assessment type form - Please consider adding product as an option

Can we please have product also as an option along with the existing ones.
Guest about 3 years ago in IT and Cyber Risk 1 Pending Product Manager's Review

Ability to define multiple range of Rating Values in Profile form under formula section

Current Behavior - Currently in OOTB, we can define the rating range only in 2 dimension, ie., Low Bound and High Bound. But for First Citizen use case, FCB defines rating range in 3 dimensions, ie., Low, Mid and High. So as an OOTB if we have a p...
Guest about 3 years ago in IT and Cyber Risk 0 Pending Product Manager's Review

Need an ability to view relationship between Questionnaire and associated GRC library content

Currently there is no way to refer/view the GRC library objects associated to Questionnaires hence it would be great to have a report to show the relationship In addition please include the same in hovercard.
Guest about 3 years ago in IT and Cyber Compliance 0 Pending Product Manager's Review

Functionality to export the Questionnaire and Due Diligence setup and Upload

The biggest drawback and limitation we have in the TPM Module is to export the set up, make some changes in the excel and then upload once again in the system. Kindly review and consider this request on priority so, that we can perform these activ...
Guest over 3 years ago in Threat & Vulnerability Management 0 Pending Product Manager's Review