In addition to the Managed Templates we've added to your KCM GRC (Governance, Risk and Compliance) account, you can create your own custom Templates in order to meet your compliance (or other) objectives.
The purpose of a Template in KCM GRC is to create and hold a set of requirements that will be converted to a Scope. You will work within Scopes to manage your objectives in your KCM GRC platform. Templates can be anything from compliance initiatives, audit requirements and findings, state and local regulations, security best practices, vendor management, incident management, IT and non-IT based projects, and more.
Note the difference between References and Requirements in regards to the KCM GRC platform:
The compliance or general objective requirements that are included in a Template are referred to as References when they are still within a Template. Once a Template is converted to a Scope, the References are then referred to as Requirements.
When you add a set of References to your KCM GRC account as a Template rather than as a Scope, the Template will reside in your account and you will be able to re-use the requirements as needed, to satisfy your organization's objectives.
You will create a blank Template which you will add References to in any of the following manners:
Create a Custom Compliance Template
Regardless of which method you choose for adding References to your Template, you will start with the first two steps below.
- Select Templates from the navigation menu on the left-hand side, and then Compliance Templates > Create New Template (see below).
- Give your Template a Name and Version number, then click the Create Template button.
Now you'll need to add References to the Scope. Decide which of the following method(s) you will use to add References to your custom Template; then follow the respective instructions.
Upload References in Bulk
- Once you've named your Template, from the View Template page, click the Upload Reference CSV button at the top right.
- Click the Choose File button to locate your CSV file of References. Be sure your file is consistent with the instructions outlined on the right side of the Upload Reference CSV page.
Notes on uploading References via CSV files:
- The following headers and fields are required. However, you can leave description fields blank if you'd like.
- primary_id, sub_id, name, description
- The primary_id and sub_id columns are limited to 20 characters, and there are no special character limitations (i.e., !, *, @, &).
- The name column is limited to 255 characters, without any special character limitations.
- Click the Upload References button to add the References to your Template.
- If you don't need to add any further References to your Template you can proceed by converting your Template to a Scope using the Convert to Scope button on the View Template page.
If you need to include additional References in this Template you can use the Create Reference or Map Existing Reference buttons. Use the instructions below for more information on using these methods to add References.
Map Existing References
If you have existing Templates that include References that you also want to use in your custom Template you can map these References to your custom Template.
- From the View Template page (Templates > Compliance Templates > View Templates > # References button) select the Map Existing Reference button.
- On the Map References to Template page, you'll see all active References in your account. Use the + buttons to add individual References to your Template.
- If you accidentally add a Reference that you do not need, use the - button to remove the mapping.
You can use the Search bar to quickly search for the References you need. For instance, if you know you want to map a Reference from your PCI Template to this custom Template, you can search for "PCI" and all of the References mapped to the PCI Template will populate first. You can also search for keywords in the Name of the Reference and/or the Reference Descriptions.
- Once you're done mapping the necessary References you'll use the Done Mapping button at the top right to go back to the View Template page.
- The newly added References will be ordered according to their Reference ID.
- If you need to change the Reference ID or any other details of the Reference, you can do so by selecting the pencil Edit icon found in the far right column of the View Template page.
Create References One-By-One
- From the View Template page (Templates > Compliance Templates > View Templates > # References button) select the Create Reference button.
- When creating your Reference, be sure to include a Name, Description, Primary ID, and Sub ID (see below).
Typically with compliance frameworks, a Primary ID and Sub ID would reference the compliance requirement's section and subsection. If you are using Templates for managing other types of objectives or projects you can use an ID system that would fit your needs.
- Once you click the Create Reference button this Reference will be mapped to your custom Template, and you will return to the View Template page where you can repeat this process to create all of the necessary References for your custom Template.
- Once you've added all of the necessary References to your Template, you can proceed by converting your Template to a Scope using the Convert to Scope button on the View Template page.