Understand what's needed
Collaboration in Teams
Guided implementation & assurance
Controls are implemented through tasks in Cyberday
Compliance reports help you, an auditor or your management understand, how different requirements are implemented in your activities. In Cyberday's content library tasks are generic, which means implementing one can improve compliance and implement controls in multiple frameworks.
Different tasks need a different approach
Technical tasks are often implemented with technology. Link your chosen security system to demonstrate you have implemented the task. You can also use additional assurance info to e.g. demonstrate task owner's responsibilities in ensuring the protection works.
People tasks are implemented by ensuring organization's staff works securely. Define guidelines in the linked lists and distribute them through Guidebook tab. Teams bot automatically notifies staff when they have unread guidelines.
Organizational tasks need planning and writing. Use the documentation and report templates linked on the task card to e.g. gather key information about data assets, create continuity plans, analyse risks or create shareable documents.
There are also a lot of supporting tasks that are implemented by having a clear, written-down process. You can always utilize other assurance methods, when needed.
Harden your assurance, when needed
You also have a growing list of other assurance methods available. You can use these to e.g. delegate the implementation for multiple people, link additional guidelines to non-people tasks or write an internal how-to description about the implementation.
Everyone gets notified of own security responsibilities through Taskbook
Taskbook is the one-page view for your key security people, which displays their security responsibilities. Taskbook lists the owned tasks, documentation items or reports and highlights the things needing urgent attention. Teams bot weekly reminds of the Taskbook status.
Connect your custom tasks to correct framework sections
Usually in Cyberday you don't need to worry about creating your own tasks - we tell you what's needed. But once you get further in the work, you will want to add some custom safeguards. Create your own tasks and to get them to the compliance reports, connect them to relevant requirements.