Managing Your Account Settings
KCM GRC's Account Settings area is where you can configure and customize several aspects of your platform. For instance, you can upload your organization's logo, choose a custom banner color for your email notifications, create custom categories for your Risk Register, and configure single sign-on for your account.
Navigating to Your Account Settings
There are four tabs available under the View Account area of your KCM GRC platform. Each tab offers different settings for your account.
To navigate to the View Account page, from the top-right area of the screen, click Settings > Account Settings, as shown below.
From the View Account page, the Account Overview tab displays general information about your account. If you have questions about this information or need to modify it, please contact your Customer Success Manager or our Support team.
See the following sections to learn about the additional pages of settings that are available under the View Account area.
Account Settings
From the Account Settings subtab, you can edit the settings for your account.
See the images and descriptions below for an explanation of the settings that are available under the Account Settings subtab.
- Display Name: Add your organization's name. The display name will show in the top-left corner of your account, next to the company logo (see item 3, below). The display name will also be included in any email notifications that are generated from your KCM GRC console.
- Primary Color: Select a color to be the accent color in your KCM GRC notification emails. This is a great way to personalize your account to match your organization's branding.
- Company Logo: Click Upload Logo or drag-and-drop a file to upload your organization's logo. This will be displayed in the top-left corner of your account. Your logo will also be included in any email notifications that are generated from your platform.
  - Size specifications for this image: 3:2 Aspect Ratio, with a maximum width of 240px and a maximum height of 160px.
  - The logo must be in one of the following file formats: JPEG, JPG, PNG, or GIF.
- Company Logo Small: This is where you can upload your organization's icon or mark. To upload an image, click Upload Small Logo, or drag-and-drop a file. This image will be displayed in the top-left corner of your account when the navigation sidebar is collapsed.
  - Size specifications for this image: 1:1 Aspect Ratio, with a maximum width of 50px and a maximum height of 50px.
  - The logo must be in one of the following file formats: JPEG, JPG, PNG, or GIF.
- Document Upload Allowed: Enabling this account-wide setting allows users to upload files to your platform. If you disable this field, users will not have the option to upload policies or upload files as task evidence.
  - You may want to disable this setting if your organization stores evidence on an internal network or uses a web-based file storage application.
  Tip: As an alternative, you can restrict links or document uploads at the scope-level or at the task schedule-level. To learn more, see: How Can I Limit the Type of Evidence Submitted by My Users?
- Doculink Allowed: Enabling this account-wide setting allows users to provide a link (URL) in your console that points to externally-hosted evidence or policies.
  - If your organization chooses to store evidence on an internal network or uses a web-based file storage application, we recommend enabling this setting and disabling the Document Upload Allowed setting above.
- Enable Support: Enabling this setting allows KnowBe4's KCM GRC Support team to view your account so they can better assist you.
- Session Timeout: Select the maximum amount of idle time you'd like to allow before your users are logged out of their KCM GRC account.
- Time Zone: Selecting your time zone here will determine which time zone your policy management campaigns are scheduled in.
  Note: All other dates and timestamps found in the console are based on Universal Time Coordinated (UTC).
- Allowed IP Addresses: Here you can limit access to your KCM GRC platform by specifying the IP addresses that are allowed to access your account. For multiple entries, use commas to separate each IP address.
  Tip: As an alternative, you can set up SAML/SSO to increase the security of your account. This alternative is especially recommended if you are adding Vendor User and/or Auditor user roles to your account. For details, see this article: How to Set up SAML/SSO for KCM GRC.
- Domain Whitelist: This is a list of the allowed domains for the end users that you will add to your account under the Policy Management module, in order to send policy acknowledgment campaigns. To add a policy end user to your account, they must have an email address with an allowed domain. If you need to add additional domains for your account, contact our Support team.
- Secure MFA Login: Enabling this account-wide setting mandates Multi-Factor Authentication for all users who log in to KCM GRC (regardless of their user role).
  - Selecting Mandatory will require all users to set up MFA the next time they log into their account. Make sure your users have downloaded an authenticator application on their smartphones prior to making this change. See this article for more information about configuring MFA in KCM GRC.
  Tip: As an alternative to mandating MFA for all users, navigate to a user profile to require MFA on an individual user account. This is the best practice recommendation if you are adding Vendor User and/or Auditor user roles to your account. For more information, see: Mandate MFA for Individual User Accounts.
- Task Fail Interval: For your control tasks, specify the number of days (after the due date) that you would like tasks to remain in "Past Due" status before tasks change to the "Failed" status. For more information, see our How to Work with Tasks and Task Schedules for Controls article.
  Note: You can still complete a task once it reaches the "Failed" status. However, the task will show a "Completed Late" status instead of a "Satisfied" status.
When you are finished making changes, be sure to click the Save button at the bottom of the page, on the left-hand side, as shown below.
In addition to the settings outlined above, you will also see the Effective Date Range Settings under the Account Settings tab. Effective Date Range (EDR) is an optional feature that you can use with your task schedules. If you utilize EDR, you are choosing to show the time period that is covered by the task.
By default, EDR may be disabled in your account. If you would like to enable this feature, click the Allow Effective Date Range in task schedules toggle switch, as shown below. If EDR is enabled, you can optionally modify the Due After settings (shown below). For task schedules using EDR, the Due After settings are the default amount of time that your users will have to submit evidence before the task is considered past due.
If you make changes to these settings, be sure to click the Save button on the right-hand side of the page, as shown above.
Tags
From the Tags subtab, you can create tags to categorize similar items in your account.
You can create tags for the following items in KCM GRC: templates, requirements, scopes, scoped requirements, controls, and risks.
Follow the steps below to create a new tag:
- Click the Create button toward the top right-hand side of the Tags subtab.
- In the Tag Name field, enter your tag. Tags can have a maximum of 25 characters.
- Click the Type drop-down menu and select the type of item that this tag will be used for.
To add a new tag to an existing item in your account, navigate to the item (e.g., a scope, template, or control), then click the Update button. From the Tags field, you can select or search for tags that match the item type.
Risk Settings
By default, there are six categories included in your Risk Register. If you would like, you can add custom categories to your Risk Register from the Risk Settings subtab.
From the View Account page, click the Risk Settings subtab, as shown below.
To learn how to manage your custom categories, see the details outlined below:
- Add a Category: Type the name of your category into the Category Name field; add a description in the Category Description field; then, click the +Add button.
- Delete a Category: Click the trash can icon next to the Category you want to delete.
- Edit a Category: Click the pencil icon next to the category that you wish to edit.
SSO Settings
The KCM GRC platform supports SAML 2.0, so your users can quickly and easily log in to KCM using your organization's single sign-on (SSO) or Identity Provider (IdP), without having to set up or use a password.
The View Account > SSO Settings subtab is where you will find the information that you need to set up SAML with your single sign-on (SSO) provider. You will also need to add your SSO provider's information to this area to configure and test the SAML authentication.
To see the full instructions for setting up SAML/SSO for your KCM GRC account, please refer to one of the following resources:
- How to Set up SAML/SSO for KCM GRC
- How Do I Configure SSO/SAML for KCM GRC with OneLogin?
- How Do I Configure SSO/SAML for KCM GRC with Active Directory Federation Services (AD FS)?
Integrations
From the Integrations subtab, you can view and configure available integrations. To configure or update an integration, click the Open button.
For more information about integrations, see our KCM GRC Integrations article.