7. Policies Manager

The Policies manager provides comprehensive tools for managing and monitoring policies within your organisation.

With the Policy Manager, you can import your baseline from frameworks you have defined as part of your Cybersecurity Governance, Risk, and Compliance strategy, or you can create tailored policies specific to your environment with ease. For example, you can create sector-specific policies, issue-specific policies, system-specific policies, or any other customised policies.

Once your policy structure is created, you can add and adapt controls to align with your organisational environment. When your policy structure is ready for implementation, our optional workflow approval process offers an efficient, user-friendly way to implement a traceable approval process, adding significant value to your organisation.

Afterward, the maturity levels of your policies can be displayed in your framework baseline, allowing you to understand your cybersecurity protection level and compliance status.

The Policies & Controls Manager is designed to simplify governance while providing the tools you need to maintain compliance, strengthen cybersecurity processes, and improve operational efficiency.

Key Features and Options

Contextual Information:

For each policy, the contextual section allows you to structure your requirements, including the policy scope, compliance information, exceptions, references to other standards and policies, contacts, and more.

Easy Description:

Each category and subcategory within your policy framework is described with a short, standard description that you can adjust to meet your organisation's needs.

Control Definition:

Once your policy structure is defined, you can create controls that ensure your organisation is achieving its cybersecurity objectives.

Control Periodicity:

Define the frequency at which your controls are reviewed, and view these schedules in the main calendar section.

Control Attributes:

Classify your controls based on organisational information and primary cybersecurity taxonomies (e.g., Information Security Property, Control Function, Privacy Control Function).

Maturity Levels:

Set maturity levels for each policy, category and subcategory policies & Security controls to assess and track the progress of your cybersecurity program.

Analytics:

Visualize different components of your policies and controls in an organized and easily navigable view. Access numerous graphs and visualization tools to better understand and analyze your cybersecurity landscape.

Versioning:

Maintain a version history for each domain, category, and subcategory, enabling you to track changes, updates, and approvals over time. Owners: Assign owners to specific domains, categories, or subcategories, ensuring accountability and streamlined management of your framework.

Communication Tools:

Facilitate collaboration within your team using integrated comment tools. Comments can be added at any time, allowing for efficient communication and knowledge sharing.

Filtering Capabilities:

Filter policies and controls based on applicability status and attributes to focus on the most relevant information, making it easier to manage large and complex policies.

Evidence:

Attach relevant evidence to validate control implementation, demonstrate compliance, and support audits or assessments.

Key Features and Options​

Contextual Information:​

Easy Description:​

Control Definition:​

Control Periodicity:​

Control Attributes:​

Maturity Levels:​

Analytics:​

Versioning:​

Communication Tools:​

Filtering Capabilities:​

Evidence:​