Programs provide reusable templates for assessments, including details of ownership, controls, and workflow. In addition to selecting a questionnaire, a program refers to a set of questionnaire presentation options that configure the questionnaire-taking interface. Enterprise Risk Management (ERM), Information Technology Risk Management (IT RM) assessments, and many other types of assessments are supported.
Predefined program types include:
Classification Assessment;
Contract Awareness Campaign;
Control Assessment;
Key Risk Monitoring (KRI);
Policy Awareness Campaign;
Risk Management; and
Vendor Assessment.