Implementation Roadmap

Episode 10

Rollout

In this episode we do the final adjustments to roll things out and teach you how to operate your environment

Introduction

In this phase, you will perform the final adjustments on your implementation and roll out the system to other teams in your company. We will also discuss how these modules must be operated daily, remember all we have done so far is implementation.

Phase Instructions:

Click on the left panel the use case you chose. Complete all learning and only after finishing reading, start completing tasks.

Risk Management

Required Learning:

Tasks:

Define an Access Matrix that tells you what access each department needs
Create groups and their access lists as needed
Test permissions using your dummy account
Create accounts (typically a couple of user accounts are enough) for every department group you identified in the Access Management phase. Assign groups as needed.

You will need to keep the following items updated to reflect the reality of your program, the following tasks will need to be regularly performed:

Compliance Management

Required Learning:

Tasks:

Define an Access Matrix that tells you what access each department needs
Create groups and their access lists as needed
Test permissions using your dummy account
Create accounts (typically a couple of user accounts are enough) for every department group you identified in the Access Management phase. Assign groups as needed.

You will need to keep the following items updated to reflect the reality of your program:

Data Privacy

Required Learning:

Tasks:

Define an Access Matrix that tells you what access each department needs
Create groups and their access lists as needed
Test permissions using your dummy account
Create accounts (typically a couple of user accounts are enough) for every department group you identified in the Access Management phase. Assign groups as needed.

You will need to keep the following items updated to reflect the reality of your program:

Online Assessments

Every time you need to send an OA:

Based on your OA strategy decide who needs user accounts in eramba.
Create a group for that target strategy, for example "Suppliers"
Create one or more user accounts for the people that you need feedback from. This step must be completed no matter if you are doing authenticated or non-authenticated OAs.
Create asociated items as needed (Third Parties for example)
Create OAs as necessary and assign the accounts and related entities from the previous steps.
Start OAs so feedback can be collected from the Recipient, based on your automation rules you might automatically send emails to these recipients or not.
When submitted or as feedback is being submitted, review feedback and lock their answers
Once all feedback has been locked, update the OA with the result.
Optionally:
- Create findings to record things that must be corrected
- Create risks (Asset, Third Party or Business Risks)

Awareness Programs

Before you attempt the following tasks, please make sure you complete the following courses: Awareness Programs

Define who needs accounts based on your Awareness Programs and the groups you created during the Access Management phase
Create accounts for these people, bear in mind these accounts need special privileges (in particular on the portals they are allowed). These accounts must belong to the groups you used at the time of creating your Awareness Programs. You can create accounts one by one, with CSV imports or LDAP Sync. If you are starting with an awareness program we recommend using a small number of accounts until you feel comfortable.
Start your Awareness Programs
Monitor awareness compliance

Rollout

Introduction

Risk Management

Compliance Management

Data Privacy

Online Assessments

Awareness Programs

Playlist