- Knowledge Center
- FAQ
- Audit
-
Basic Employee Training
-
Video Resources
-
FAQ
- Admin Portal
- Application Security
- Assets
- Assessment
- Audit
- Change Management
- Communication and Notifications
- Compliance Manager
- Data Security
- Document
- Endpoint Security
- Framework Control Manager
- Human Resources
- Incident Response
- Identity & Access Control
- Infrastructure(Network) Security
- Integration
- Physical security
- Policy and Procedures
- Report
- Risk Management
- Security Awareness Training
- SSO
- Ticket
- Training
- Users
- Vendor Management
- Vulnerability Management
- Miscellaneous
-
FAQ's for Admins
-
Release Notes
-
Role Management
-
Compliance Manager
-
Ostendio Document Wiki
-
Ostendio Crosswalk™
-
System Settings & Billing
-
Vendor Connect
-
Documents
-
Auditor Connect
-
Crosswalk Assessments
-
Assessments
-
Audits
-
Training
-
Tickets
-
Users & Groups
-
Ostendio API’s & Integrations
-
Risk Management
-
Collections
-
Office Hours
-
Partner Admin Portal
-
Framework Control Manager
-
Reports
-
Assets
-
Ostendio Platform Set-up
What is an Audit Task Scheme?
Task Scheme: Collective vs Individual task per item
Task Scheme lets you choose whether to create a single collective audit task or several individual audit tasks, i.e.:-
- A single Collective task for all items: This will create a single audit task that encompasses all the audit items.
- For example, if the same person is responsible for performing the review of the access controls for all 5 of the systems that need to be reviewed every quarter, then a single collective audit task will enable that person to make a single submission including the review results for all systems.
- An Individual task per item: This will create separate audit tasks for each owner of each audit item.
- For example, if John, Mary, Sally and Bob are the responsible owners of their own systems, this would mean:
- John is the admin responsible for access control on the AWS back-end
- Mary is the admin responsible for Gusto
- Sally is the admin responsible for the Jira and ServiceNow hubs
- Bob is the admin for the Knowbe4 content
- When creating a quarterly review of access controls to the AWS, Gusto, Jira, and Knowbe4 items, the individual task per item setting will create 4 separate audit tasks, i.e. a separate task for:
- John to review the access control list (ACL) for AWS users
- Mary to review the ACL for Gusto users
- Sally to review the ACL for Jira and ServiceNow users
- Bob to review the ACL for Knowbe4 users
- For example, if John, Mary, Sally and Bob are the responsible owners of their own systems, this would mean:
- A single Collective task for all items: This will create a single audit task that encompasses all the audit items.