Implementation Roadmap

Introduction

In this phase of the implementation, you will undertake essential steps that are vital for the successful deployment of Eramba. These tasks focus on establishing groups, managing user accounts, and configuring permissions

On the left panel, click on the "Use Case" you previously selected. Read the documentation and then complete tasks.

Risk

Required Learning:

• User Interface course
• Access Management course

In addition, complete the trainings that apply to your use case:

• Risk Management course

Implementation Tasks:

• Create a Group for the GRC team
• Create a User Account for each member of the GRC team, ensure they are members of the "Admin" group AND whatever you call your GRC group. Make sure they are allowed only the "Main" portal.
• Create a Dummy Account to test functionalities, and make it a member of the "No Permissions" group for now.
• Logout from the Admin account
• From now on, log in with your account instead of Admin
• Identify Departments in your Organization
• Create Groups for each one of them, remember from now on any item (risk, control, etc) created in eramba always be assigned it to groups, not user accounts.

Compliance

Required Learning:

• User Interface course
• Access Management course

In addition, complete the trainings that apply to your use case:

• Compliance Management Course

Implementation Tasks:

• Create a Group for the GRC team
• Create a User Account for each member of the GRC team, ensure they are members of the "Admin" group AND whatever you call your GRC group. Make sure they are allowed only the "Main" portal.
• Create a Dummy Account to test functionalities, and make it a member of the "No Permissions" group for now.
• Logout from the Admin account
• From now on, log in with your account instead of Admin
• Identify Departments in your Organization
• Create Groups for each one of them, remember from now on any item (risk, control, etc) created in eramba always be assigned it to groups, not user accounts.

Data Privacy

Required Learning:

• User Interface course
• Access Management course

In addition, complete the trainings that apply to your use case:

• Data Privacy Course

Implementation Tasks:

• Create a Group for the GRC team
• Create a User Account for each member of the GRC team, ensure they are members of the "Admin" group AND whatever you call your GRC group. Make sure they are allowed only the "Main" portal.
• Create a Dummy Account to test functionalities, and make it a member of the "No Permissions" group for now.
• Logout from the Admin account
• From now on, log in with your account instead of Admin
• Identify Departments in your Organization
• Create Groups for each one of them, remember from now on any item (risk, control, etc) created in eramba always be assigned it to groups, not user accounts.

Awareness

Required Learning:

• Access Management course

In addition, complete the trainings that apply to your use case:

• Awareness Programs course

Implementation Tasks:

• Create a Group for the GRC team
• Create a User Account for each member of the GRC team, ensure they are members of the "Admin" group AND whatever you call your GRC group. Make sure they are allowed the "Main" and "Awareness" portal.
• Create a Dummy Account to test functionalities, and make it a member of the "No Permissions" group for now, in terms of Portals allow the "Awareness Portal"
• Logout from the Admin account
• From now on, log in with your account instead of Admin
• Identify the Audiences for your Awareness Programs
• Create one group in eramba for each audience, these might or not be the same as the ones identified in the previous general use case.
• Assign your dummy account to each group created in the previous step, we'll use this to test your awareness programs before you put them in production. Follow Awareness Programs guidelines for the dummy account.
• Enable Awareness Portal

Online Assessments

Required Learning:

• Access Management course

In addition, complete the trainings that apply to your use case:

• User Interface course
• Online Assessment course

Implementation Tasks:

• Create a Group for the GRC team
• Create a User Account for each member of the GRC team, ensure they are members of the "Admin" group AND whatever you call your GRC group. Make sure they are allowed the "Main" and "Online Assessment" portals.
• Create a Dummy Account to test functionalities, and make it a member of the "No Permissions" group for now. Make sure the account is a member of the "Online Assessment" portal alone.
• Logout from the Admin account
• From now on, log in with your account instead of Admin
• Identify your OA Audience, this is critical to define the bases of many settings you will need across different modules and implementation phases.
• Create groups for every Audience so you can easily manage their accounts by grouping them.
• Assign your dummy account to every OA group audience, we'll use this for testing purposes. Make sure to follow OA account permissions guidelines.
• Enable OA Portal

Account Reviews

Required Learning:

• Access Management course

In addition, complete the trainings that apply to your use case:

• User Interface course
• Online Assessment course

Implementation Tasks:

• Create a Group for the GRC team
• Create a User Account for each member of the GRC team, ensure they are members of the "Admin" group AND whatever you call your GRC group. Make sure they are allowed the "Main" and "Online Assessment" portals.
• Create a Dummy Account to test functionalities, and make it a member of the "No Permissions" group for now. Make sure the account is a member of the "Account Review" portal alone.
• Logout from the Admin account
• From now on, log in with your account instead of Admin
• Identify a system within your organization that requires account review, and designate a team responsible for conducting the review for that system.
• Create a group for the team you identified in the previous step
• Assign your dummy account to the group you created on the previous step
• Enable the Account Review Portal