Policy Compliance Manager
Organizations develop policies & procedures to communicate the rules of engagement to the end users. In most cases, the policies are developed and uploaded on a centralized portal with no visibility even about the read ratio. A lot of strategic initiatives such as ISO 27001, PCI-DSS, ISO 22301 etc. demand end users to be aware of the IT Security policies developed under the program. The auditors would need to have proof if the policies reached out to the end users and they have fully understood the rules of engagement defined in the policy.
Policy Compliance Manager is designed to simplify the compliance of corporate policies & procedures. A project for compliance can be created, for example βISO 27001β and all related policies can be uploaded in this project. While uploading the policy, a quiz can be created with a passing criterion. Mandatory learning points can also be defined.
A CISO can assign corporate policies to the end users with a defined time period. The end user has to go through the policy, mandatory learning points and the quiz. The end users will only be shown compliant on the dashboard if he/she completes the passing criteria.
PhishRod Policy Compliance Manager maintains a powerful dashboard that provides the following Key Performance Indicators for compliance.
- Organizational Security Awareness Index
- Department Wide Security Awareness Index
- Individual User Security Awareness Index
- Correlation between Phishing Index, Awareness Index & Policy Compliance Index
- Most Compliant Department
- Compliance Index for a specific policy
- Compliance Index for a Specific Project
Key Benefits
- Automated workflow for policy compliance, consent & policy approval
- Organization-wide coverage of corporate policies & procedures
- KPI-Driven approach for policy compliance & consent
Standout Use Cases
- Policy scheduling for the entire organization, department, or specific end users
- Scheduling at specific days, dates, and times for precision
- Automatic locking of end-user machines in case of non-compliance with assigned policies
- Ensures adherence to organizational standards
- Structured learning modules to understand key policy points, promoting informed consent
- Incorporate quiz functionalities, allowing users to assess their comprehension of policy content
- Verification of users' comprehension of organizational policies
- Upload policies under a specific project for project-specific compliance
- Analytics-driven approach to provide complete visibility into policy compliance indices at organization, department, and end-user levels
- Comprehensive document management workflow
- Creation of new projects, policy uploads, definition of learning points, quiz generation, policy assignments
- Approval workflow for newly published policies