Cyber GRC Ideas Portal
ADD A NEW IDEA

All ideas

Showing 141 of 141

Risk Assessment - Quantitative factors - Option to add multiple levels in a hierarchical factor

Risk Assessment - Quantitative factors - Option to add multiple levels in a hierarchical factor Customer wants to create a Hierarchical factor with 2 sub-levels where second level to identify the maximum value of a set of factors and 1st level is ...
Guest about 2 years ago in IT and Cyber Risk 3 Need more information

Enable Reports and Dashboards to filter by Reporting Period

AON's Problem Statement: Without a reporting period, auditors, regulators, board members, and other stakeholders wouldn’t know the validity of compliance reports and the risk posed to our information assets, making it difficult to take important d...
Guest about 1 year ago in IT and Cyber Compliance 0 Pending Product Manager's Review

Configuring Design and Operating Effectiveness Values

Use Case: We use a shared responsibility model where some controls are provided by other parts of the org. Those controls are assessed separately and added to the evidence library for use in assessments of systems consuming the controls. My intent...
Guest about 1 year ago in IT and Cyber Compliance 0 Pending Product Manager's Review

Report to view Common and Sample Questions response

Report to view the Common and Sample question responses provided by the Assessors or control owners during the testing
Guest about 1 year ago in IT and Cyber Compliance 0 Pending Product Manager's Review

Enable copy paste functionality in Sample table of test execution page

Martktplaats B.V would like to be able to paste evidence into the sample table (in test execution page). This would allow them to fully use MetricStream to handle evidences. Currently, customer does this using the spreadsheet uploads. Other GRC so...
Guest over 2 years ago in IT and Cyber Compliance 1 Pending Product Manager's Review

Ability to disable owner notifications when UCF data is imported into metricstream.

Expedia is looking for an option to disable the owner notifications in Create Library objects from Authority documents form. Currently they are receiving more than 4000 notifications when UCF data is imported into MetricStream.
Guest about 1 year ago in IT and Cyber Compliance 0 Pending Roadmap Inclusion

Auto create Evidence GRC Object when a Evidence is attached during a Control Self Assessment.

As per the current Solution, the User can relate the Evidence while performing a control test or self-assessment. AON has requested that Evidence be auto-created in the GRC Library when Evidence is attached ("Attach Evidence" attribute) during a C...
Guest over 1 year ago in IT and Cyber Compliance 0 Need more information

option of adding test methodology at task level

initiator self assessment /test plan should have option of adding methodology at task level. Each task can have unique methodology Product Team: Can you provide more information? What are the methodologies and what should be the behavior for each ...
Guest over 1 year ago in IT and Cyber Compliance 1 Need more information

INHERENT/RESIDUAL RISKS BREAKDOWN BY CATEGORY - Risk Rating should be in sorted order

Users wants the risk Rating for the Inherent Risks/Residual Risks Breakdown by Category Report to be in logical order like : Report to be: Low, Moderate, High, and Very High. Currently, in the MSU system Sorting is applied in alphabetical order. P...
Guest over 1 year ago in IT and Cyber Risk 0 Pending Roadmap Inclusion

Complying with NIST 800-30 Cybersecurity Framework using IT and cyber risk module.

NIST SP 800-30 NIST Cybersecurity Framework is popular among companies in the US. NIST has become the gold standard for assessing cybersecurity maturity, identifying security gaps, and meeting cybersecurity regulations. Using our IT- risk module w...
Guest about 3 years ago in IT and Cyber Risk 2 Pending Product Manager's Review