I’m looking for some insight into best practice with Liabilities. Is it best to keep them very general? Example: just one called Contractual Requirements.
Or
Is it better to do a Liability for each Contract (ex. Contract 1, Contract 2, Contract 3)
Or
Is it better to have each requirement in a contract listed liability (ex. Contract 1 Req. 1, Contract 1 Req. 2, Contract 2 Req. 1, etc.)
I’m trying to determine if I its a good idea to manage many requirements across many different contracts in Eramba, or if I should keep them in a contract management system.
I prefer to put contractual commitments on as their own compliance packages - customer is the package name, items are the line items from the contact you want to track.
Liabilities is more useful when doing a “thumb on the scale” for risk assessment and it won’t help you track your adherence to it. It could be that you enter it two ways → Compliance package for managing your compliance to the requirements and as a Liability to properly weight risks and related controls when performing the risk assessment.
These days there are a lot of liabilities for completing security/privacy related questionaires for customers. How do others manage this within eramba? Am thinking using compliance package where customer is the package name and items correspond to the questions asked in the questionaire.
