Cyber GRC Ideas Portal
ADD A NEW IDEA

All ideas

Showing 130 of 130

[IT GRC] Unable to trigger GRCF objects from UCF, which were tried earlier, but it was unsuccessful.

Trakr 276726 Unable to trigger GRCF objects from UCF in the following scenario. Steps: MS_ITU_UCF_GRC_F_REFERENCE - Data table - Configured like below. OWNER_ORGANIZATION : CareFirst OWNER : Administrator ---> (Wrong username) 1. Login as SY...
Guest over 8 years ago in IT and Cyber Compliance 1 Release Candidate Available

Support for FAIR risk assessment methodology.

FAIR is a popular framework for IT risk assessments.
Deleted User over 8 years ago in IT and Cyber Risk 0 Release Candidate Available

Integration with Microsoft System Center Configuration Manager.

Microsoft SCCM is often used as a CMDB within IT organizations. It adds value to import the Asset inventory from SCCM into MetricStream Asset Library.
Deleted User over 8 years ago in Threat & Vulnerability Management 1 Cannot be considered in the Roadmap

Automatic closure of vulnerability remediation tickets.

For an Asset - Vulnerability pair in scan n for which the Vulnerability is not detected in scan n+1 any ticket that was triggered for this Asset - Vulnerability pair should be closed automatically. There should be a configuration to enable or disa...
Deleted User over 8 years ago in Threat & Vulnerability Management 0 Need more information

XLS/CSV data upload for Common Threat and Vulnerability Data Model.

In Customer scenarios where an API-connection into a Vulnerability Scanner is not possible or where vulnerability scan results already exist via. business workflows and in the form of a flat-file (CSV or XLS) it adds value to ingest this data into...
Deleted User over 8 years ago in Threat & Vulnerability Management 4 Cannot be considered in the Roadmap

Default sources should be unlocked in extended forms

When some values are deactivated the data for existing form should be visible with old data. In Questionnaire form "Applies To" field has no Display infolet, if this is enabled for configuration it would help GS team to work themselves
Guest over 4 years ago in IT and Cyber Compliance 1 Cannot be considered in the Roadmap

Configurable connectors

SABB has no asset/CMDB like Atrium. They want the Nexpose connector to create Asset/Asset-Class GRC library from the vulnerability information itself. Creating asset from Nexpose feed through ETL and business criticality to be governed by fields ...
Guest over 6 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion

Data feed from external scanning vendors should be up-loadable and tracked in MSI platform using ISM

SABB employs the services of 2 external vendors to scan the internet facing IP addresses to check for any vulnerabilities. These results (2 different excel formats) should be up-loadable into the system. The external IP can in fact refer to the sa...
Guest over 6 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion

Auto closure of issues if related vulnerability is not active

Issues created by vulnerability scan should be auto-closed if in the subsequent scans, that vulnerability is not active A new source type – External Vulnerability Update to be supported in Issue management app. This feature should be an optional f...
Guest over 6 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion

New comparison report to track SLA adherence

The SLA applied by TVM team on IT resource users is 90 days. All the issues open on the 1st day of the quarter has to be stored (Issue, Action, start date, Due Date, Title, Pending with, Owner by Org, Owner etc.,). The same vulnerabilities/issues ...
Guest over 6 years ago in Threat & Vulnerability Management 0 Pending Roadmap Inclusion