Feature - Online Assessment module updates

Form Changes on the OA / Actions:

  • General Tab
    • Title (no description)
    • Description (no description)
    • Questionnaire
    • Assessor (The user account or group that is making questions)
    • OA Recipient (The user account or group that is supposed to respond questions)
    • Tags (hidden by default)
  • Questionnaire Tab (removed)
  • Portal Layout (minor change on the tab name)
    • Title
    • Description
    • Display OA Finding (Let OA Recipient download any finding associated with this OA)
    • Allow Downloading Questions (Let OA Recipient download OA questions and answers)
    • Incomplete Submissions (Let OA Recipient submit OA’s with incomplete answers)
  • Schedule
    • Start Date (The OA will automatically start on this date. You can override this setting anytime)
    • Stop Date (The OA will automatically stop on this date. You can override this setting anytime)
    • Recurrence (Recurrence will clone this OA on your set frequency and require the OA Recipient to complete the OA once again)
    • Periodicity (In how many days this OA should be cloned. Minimum value is 2.)
    • Auto Load Answers (Enabling this option will include previous answers on the cloned OA)
  • Associations
    • Business Units
    • Third Parties
    • Assets
    • Asset Risks
    • Third Party Risks
    • Business Risks
    • Data Flows

Form changes in Findings/Actions:

  • General
    • Title (no description)
    • Description (no description)
    • Assessor (The person or group that has an interest in documenting and following up this finding)
    • Finding Owner (The person that has to mitigate this finding)
    • Status
    • Deadline
    • Closure Date (Only available when the status is set to Close)
    • Tags (no description, hidden by default)
    • Associated Question OA Questions (list the questions as: (Question ID) - Question Title

Access OAs without authentication

We want to let people send OA’s without the OA Recipient being authenticated in the OA portal, for this we’ll create a URL for each OA but only if the checkbox is enabled:

  • Enable Non-Authenticated Submissions (Enabling this option will create a unique URL for this OA. Anyone that access this URL can complete and submit this OA)

We require an additional column on the filters for this, also on the email body we need a macro to inject this URL. When used, this URL will skip the authentication portal and go straight to the OA.

Edit questionnaire name and title

For some reason the title and description of a questionnaire can not be edited.

Extend OAs relationships with other modules:

Today we can relate OAs with Third Parties, on the TP module we can:

  • Adjust filters to list related OAs
  • Create dynamic status that pick up asociated OAs status, etc

We need this same functionality in the following modules: BU, Assets, Risks (all three), Data Flows. On those modules we need to show, by default on the “All Item” filter the “Online Assessment” column that shows the counter of OAs.

Allow the Assessor role to access OAs even if they are “Stop”

We need to let the “Assessor” role access the OA portal even if an OA is stop, this is because you always need to review feedback.

Skip OA summary when you only have one OA

Do not show this screen if you have only one OA assigned to you

SAML / Google OAuth on OA Portal

Does it work? i have the feeling the URL redirect is not working there

Github: https://github.com/eramba/eramba/issues/4556