Suppose you have HIPAA Trust 8.0 , you have related internal controls and policies. Now 8.1 comes out, how do you go around that update? Right now is a manual job, you need to edit the compliance package using Compliance Management / Compliance Packages.
We need a feature that allows me to import the new version and update the existing content. This is not simple as there could multiple situations:
- OLD has items NEW does not have
- NEW has items OLD does not have
- NEW and NEW has the same items but different content (title, description)
How we go around this … not sure. Ideas anyone?
This is a difficult one because for historical purposes, you may have been compliant with (using your example) HITRUST 8.0. Now, HITRUST has changed one of the controls and made it more strict, so in 8.1 you do not comply.
Whatever we decide to do in Eramba should definitely keep the historical/previous version for reference. I have a bunch of other thoughts/ideas around this topic but unfortunately have to run off to a meeting. Will try to put more down to paper and post them here later.
Exactly, for that reason we put the “Duplicate” option:
This “Copies” a compliance package and all its controls, policies relationships (done trough Compliance Management / Compliance Analysis) on a copied item.
Then you can work on the original package in peace (you have a copy)…I’ll think on the logic on how imports could work and report back here in a while.