When you are working in Cyberday, you will get across the terms “tasks” and “policy” a lot. The policies in Cyberday are custom built out of the tasks you are activating. The more tasks you activate and therefore add to your policy, the stronger your assurance level will get.
You can access the task list by clicking on “Tasks” from the menu on the left in your Organization Dashboard. A view, in which all of your tasks are listed, will open. You can filter the tasks by owner, status, framework or with a keyword search (see red box in the screenshot below). You can also select i.e. see all the tasks that are pending for review by clicking “Tasks pending for review”.
For each policy you will see a set of suggested tasks. This helps you to build your custom policy with our best practice tasks as assurance. In order to see the suggested tasks, you first have to open a theme of your choice from the Organization Dashboard and then click on the policy you would like to work with. For example, if you open the theme “Privacy” and then open the policy “Information and request for information”, you will get some tasks suggested, which you can add to your policy step by step.
If you would like to add a suggested task to your policy, simply click the button “Add to policy”. Once you have done that, the task will be shown in your policy. The order of the tasks in the policy depends on the priority level. The higher the priority, the higher the task will be shown. You can see if a task has been activated, if it shows the purple “Edit” button instead of the adding option. You can also mark non-relevant tasks. Read more about those later in this article.
If you want to improve your assurance even further, you can add relevant tasks of other frameworks to your policy as well. In order to do so, go to the theme and open the policy of your choice. Click on the three dots in the upper right corner and select “Show task suggestions from other frameworks”. You will see all of the available additional potential relevant tasks in the list of suggestions underneath your activated tasks.
Activating a task is basically the same as adding a task to the policy (see paragraphs above). Simply click on the “Add to policy” button. Once you have added a task to the policy, it is active. You can access and edit the task by clicking the button “Edit task”.
Sometimes, you may not need some tasks, as they are not relevant to your organiztion. In that case, you can mark a task as non-relevant. Go to the policy, which includes the task you would like to mark as not relevant and click the button “Mark as not relevant”.
After that, it is important that you add a description to the non-relevant task to explain that. When you mark the task as not relevant, it will still be listed in your policy. Click the editing button to get to the task card and describe why this task is not relevant to your organization.
If you want to also “grey out” a whole requirement from the compliance report instead of only having it marked as not relevant, navigate to the Organization Dashboard and open the compliance report. Then, go to the specific requirement and click "edit requirement". From there, select from the drop-down menu next to "applicability" "not applicable" and press save. Note: Only do that, if neither of the tasks in the policy of that control are applicable to your organization.
You can also edit and adapt the task list view to your preferences. Simply open the policy of your choice and click the three dots in the upper right corner. From there, you can choose i.e. if you want to hide the non-relevant tasks, see the requirement text and so on.
If you need to export a policy, Cyberday offers a reporting tool that creates reports automatically. To use the reporting tool, go to Organization dashboard –> Reporting. There you'll find our reporting tool with ready made reporting templates as well as an assessment tool. Just click "Create new report" and pick a template suitable for you. If you'd like to read more about the reporting feature, check out our other help article How to create cyber security reports in Cyberday.
Do you have any further questions, would need another help article or would like to give some feedback? Please contact our team via firstname.lastname@example.org or the chat box in the right lower corner.