Below are some commonly-asked questions about the KnowBe4 Compliance Manager. If you don't see the answer you need, submit a ticket to our Support Team.
- What is the difference between a Template and a Scope?
- What is the difference between a Control and a Task?
- How do I assign a Task?
- Can I incorporate my existing compliance efforts and processes into KCM?
- What are the differences between the various user types in KCM?
- How do I determine whether a user is counted against my KCM user count license?
- I have a user who left our organization, how do I transfer their responsibilities?
- How will my Scope Evidence and my Policy Management module policies be stored?
- Is there a character limit for DocuLinks submitted as Evidence, or links to policies for the Policy Management module?
- Are there size limitations for files uploaded as compliance Evidence, or as policies for the Policy Management module?
- Can I download a report of my Scope with Control, Task, and Evidence details?
- What is Policy Management?
- What is the difference between archiving and deleting a Control?
- If I add my organization's logo under my Account Settings, where will it appear?
1) Question: What is the difference between a Template and a Scope?
Answer: A Template is a framework or collection of requirements that relate to one another. A Scope describes the boundaries of the project or audit framework. You must convert your Template to a Scope before you can begin to create and assign the appropriate Controls.
2) Question: What is the difference between a Control and a Task?
Answer: A Control is an action or procedure that you are taking to ensure that you are meeting the associated Requirement.
You assign a Task frequency to a Control, which determines the number of Tasks to occur per year. For example, if you set a Task to a monthly frequency, you will have 12 Tasks per year, for the associated Control.
Task reminder notifications are automatically generated by the KnowBe4 Compliance Manager and sent to the Responsible User. To learn more about when these Task reminder notifications are sent, see here.
3) Question: How do I assign a Task?
Answer: In order to assign a Task, you must have a Scope that contains Requirements. You'll then need to create or map a Control to a Requirement in order to assign a Task.
Click on "Scopes" in the left-hand side navigation panel, then select the Scope that contains the Requirement(s) you want to assign responsibility to. Click on the "Requirements" tab, and select the Requirement, to create a Control, and then a Task, for.
From the "View Requirement" page, select the "Controls" tab, and click the "Create New Control" button. Once you've entered the appropriate information, select the "Create and Assign" button, then choose a Task Frequency, a Responsible User, and a Start Date.
Note: Users who you need to assign Tasks to must have been given permissions to the Scope.
4) Question: Can I incorporate my existing compliance efforts and processes into KCM?
Answer: Absolutely. KCM allows you to easily upload any existing processes you may have in place via a CSV file. Once uploaded, these Controls can be mapped to one or more Requirements, and therefore, compliance frameworks.
5) Question: What are the differences between the various user types in KCM?
Answer: The KCM platform consists of two different modules, the Compliance module, and the Policy Management module. There are different user types for each module, see our KCM: User Types guide for more information.
6) Question: How do I determine whether a user is counted against in my KCM user count license?
Answer: The following user types are recorded towards your user limit: Account Administrators, Contributors (i.e., Users Responsible and Approving Managers), Scope Managers/Admins, and Policy Administrators. If a user fills more than one of these roles, they're only counted once.
Auditors and end users added within the Policy Management module, are considered soft licenses and therefore do not count against your KCM user count license.
7) Question: I have a user who left our organization, how do I transfer their responsibilities?
Answer: From the "Settings" drop-down menu, select "Manage Users". Select the user you wish to have responsibilities transferred from, by clicking on their email address. Navigate to the "Actions" tab > click "GO" under the "Disable User" widget.
You will then be prompted to select a user to transfer the responsibilities to. If you're transferring responsibilities to a Contributor or a Scope Manager, the transferee must have permissions to the applicable Scope.
Note: This action will only transfer Scope Controls and their associated Task Schedules. Policy campaigns that were created by the disabled user will need to be assigned to a new Campaign Owner, or the Account Admin will be responsible, by default.
8) Question: How will my Scope Evidence and my Policy Management module policies be stored?
Answer: You have two options for adding supplemental files and information (i.e., Evidence for Requirements and/or your organization's required Policies) to your KCM platform. You can either upload files directly to your KCM account or use the DocuLink option to link policies or evidence from your intranet or a file sharing service.
9) Question: Is there a character limit for DocuLinks submitted as Evidence, or links to policies for the Policy Management module?
10) Question: Are there size limitations for files uploaded as compliance Evidence, or as policies for the Policy Management module?
Answer: Yes. All files submitted as Evidence in the Compliance Management module of your console must be equal to, or less than 50MB.
Regarding policy files for the Policy Management module of your console, PDF files have a maximum of 50MB, while all other accepted file types have a maximum size of 10MB. See here for more information on Policy Management files.
11) Question: Can I download a report of my Scope with Control, Task, and Evidence details?
Answer: You can export a Scope and its associated Tasks and Evidence by navigating to Scopes > Export Scope. Once you've scheduled the export, you can download the zipped folder from the Scheduled Exports page, and view and share the Scope details from an .html file.
12) Question: What is Policy Management?
Answer: Policy Management is a module included with your KCM subscription. It allows you to manage, distribute, and track acknowledgments of your organization's required policies. With automatic reminder notifications and functionality to nudge those users who haven't acknowledged, you no longer need to chase your users to fulfill your policy requirements. For more information see our Policy Management article, here.
13) Question: What is the difference between archiving and deleting a Control?
Answer: You may want to archive a Control if you believe it could be used again with a different Requirement. If the Control is a mistake, or if it is not sufficient for any further compliance efforts, you would delete it.
NOTE: Deleting Controls is an irreversible action.
14) Question: If I add my organization's logo under my Account Settings, where will it appear?
Answer: Adding your organization's logo under your Account Settings is a great way to personalize your KCM environment. The logo will display at the top-left corner of your console, in any Policy Management notifications sent to your end users, and in any Executive Report PDFs you've set up to send from the console.