Feature Request - Security Incidents (done)

john.oneill · November 29, 2017, 1:35pm

Hi All

It would be great if there was a capability to differentiate between security events and security incidents in eramba. Following ISO27K1 we would issue a non compliance report in the event of a security event. If we could store these somewhere in the system it would be great without them being an actual security incident as per the ISO27K1 definition

In addition if you could log non compliance reports against the individual it would be great (say through the AD connector). With this you would be able to report effectively on who is not working within organizational policies controls etc

Cheers,
John

rene.beauregard · December 1, 2017, 4:29pm

The capability is already in place. When opening a new incident , select the type

john.oneill · December 11, 2017, 11:55am

Yes quite clearly it is. Trip to SpecSavers for me soon I think

Cheers,
John

eramba · December 11, 2017, 1:03pm

is funny , i put that distinction there because i had the same iso audit issue years ago … iso auditors, strange people…