Policy Management

Introduction

You have the option to display your policies in a single, public portal called the Policy Portal. The portal by default is disabled but can be enabled with or without authentication.

Enabling Portal

The Policy portal is by default disabled (System/Settings/Authentication), so no matter what attributes you set on your policies they will not be displayed on the portal while it's disabled.

If you decide to enable the portal, by default eramba will enforce the same authentication mechanism defined on the Main portal.

In addition, and only if you set policies as "Public", eramba will let anyone (without authentication) access the portal but they will only see those policies that have been explicit as "Public". We call this mode "Guest" access.

Policy Attributes

You can configure every policy you upload to eramba with your preferred portal settings.

You have three options:

• Do not show the policy on the portal
• Show the policy on the portal, to anyone (even those without authentication)
• Show the policy on the portal, only to those that authenticate and relate to the policy (are reviewers of the policy or part of the GRC team)

Related Documents

The related policies field is used to link policies in between so when a user accesses the policy portal and displays a policy, all related policies are shown as optional policies.

This field might be hidden by default as "Customisation" settings.

User Account Attributes

If you want users to authenticate on the portal their accounts will need to include the Policy portal on their settings. Only guest access to the portal will of course not need any type of account on eramba.