Associate Threats and Controls
In order to link Controls and Threats, navigate to the Risk Register at the top. You can assign more than one Control from a Threat detail page or assign one or more Threats on a Control detail page. You can associate Threats and Controls together, regardless of whether they’ve been registered.
The system-defined Threats come with Controls already associated with them.
Assign from Registered Threat Page
From the Risk Register, select one of your Registered Threats.
Under Registered Controls, select Add Controls.
A modal will appear. If you need, filter by tag at the top.
Check the box next to each Control you’d like to add.
Assign from Registered Control Page
You can also associate one or more Threats to a Control from a Registered Control page. The steps are the same as above, but instead, select a Registered Control from the Risk Register followed by Associate Threats.
Track Changes to Registered Threats and Controls
For both registered Threats and Controls, you can create and track Comments. In addition, you can create and track Tasks associated with a Threat or Control. Threats also come with an Activity log to audit who made changes over time. Comments At the ...
Manage Tasks for Registered Threats and Controls
Create and assign a task to someone in your organization for both Threats and Controls. Begin by selecting Add Task under Tasks near the bottom of the page. Then follow the instructions for creating and assigning a Task. If creating a Task from ...
Add Threats to the System
ComplyAssistant comes with 125 pre-populated Threats. Five of these Threats are based on the Health Industry Cybersecurity Practices (HICP) rule. You also have the option to add Threats specific to your organization. To view the list of Threats and ...
Define an Owner and Status for Registered Controls
Just like with Threats, you can assign an Owner to Controls. In addition, Controls have an Implementation Status. Assign an Owner to a Registered Control To assign an Owner, select from the dropdown. Only users assigned the Risk Register function ...
Add Controls to the System
ComplyAssistant comes with 87 pre-populated Controls. All of these Controls are based on the Health Industry Cybersecurity Practices (HICP) rule. You also have the option to add Controls specific to your organization and Threats. To view the list of ...