Setting Additional Program Options

Option

Description

Automatically answer unanswered controls using results from related controls.

Answer controls if checked (not KRI programs).

Apply answer with the same score from related controls (note: This option automatically answers the choice in the current unanswered control whose score corresponds to the score in the already answered related control.)

Apply compliance score when the reference number of subcontrols are similar.

Apply answer only if the question text and choices are identical (note: This option will only select a corresponding choice in the current unanswered control if the matching answered control has both identical question text and identical choices)

Apply answers when the question text, set of choices and the reference number of subcontrols are similar.

Automatically fail controls when vulnerabilities, mapped to the controls, are reported in the entity.

Fail controls if checked (not KRI programs).

Automatically pass controls when vulnerabilities, mapped to the controls, are not present or closed in the entity

Pass controls if checked (not KRI programs).

Automatically update controls when data feeds, mapped to the controls, are reported in the entity.

Update controls if checked (not KRI programs).

Automatically pass controls when data feeds, mapped to the controls, are not present in the entity.

Pass controls if checked (not KRI programs). This option is not shown, by default. In order to use this option, set the following property in the agiliance.properties file.

use.control.autoanswer.finding.absent=true

Key Controls Only

If checked, only assess key controls (not KRI programs).

Questionnaire Presentation Options 

Select a previously - defined set of Questionnaire Presentation Options, such as "Control Assessments" or "Risk Profiling."

Controls with Preferred Ownership

Check to skip assessing controls with preferred ownership configured when the entities being assessed have no owners that correspond to the preferred owners associated with the control.

Control pass threshold

A number between 0 and 10, inclusive, or "N/A," the default.

New Entities 

Confirm entities that moved into selected dynamic groups before assessing them, or automatically assess such entities.

Remove Entities 

Confirm removal of entities that have moved out of selected dynamic groups, or automatically remove them.

Create Assessments 

Select whether to create assessments for only entity collections or for entity collections as well as its members. 

Be aware while making a selection for Create Assessments. Because if you are assessing an entity collection containing 10,000 entities and you choose to create assessments for entity collection and its members, then the RiskVision application will launch 10,001 assessments. 

After creating the program, you will not be able to change the Create Assessments options.

Control Assessments 

Specify the desired email template to notify the stakeholders in the first stage of an assessment workflow that a new assessment has been launched. Once the assessment is launched, the stakeholders in the subsequent workflow stages get notified using the email templates selected in the assessment workflow stages.

Notify only when there are questionnaires that require stakeholder attention.

Select to send notifications only when stakeholders are required to answer a questionnaire. For more information, see Sending Notifications to Stakeholders.

Send assessment update notification when entity target profile change impact questionnaire content

Check to send notification only when target profile is changed.

Control Response

Use one or more control response options in response to a failed control. For information about how to use the response mechanisms, see Setting Control Response Options.