Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska Kiswahili ไทย Türkçe Українська Tiếng Việt 简体中文 中文 (香港) 繁體中文

KCM GRC: How Can I Limit the Types of Evidence That Users Can Submit?

Avatar
Jessica Goheen
Updated
Follow

Restricting the Type of Evidence Allowed for Compliance Controls

In KCM GRC, administrators can create task schedules and assign users to tasks. Then, users can satisfy their assigned tasks by submitting evidence as a document or a link. For more information about using evidence in your KCM GRC platform, please see KCM GRC: Glossary of Compliance Terms.

Administrators can adjust the settings for the types or evidence that users can submit. They can limit the types of evidence to only documents or only links. Administrators can also prevent users from submitting either type of evidence. 

The sections below contain three different methods for adjusting the settings for the evidence types that users can submit. 

Option 1: Account Settings

Option 2: Scope Settings

Change the Scope Settings When Creating a New Scope

Change the Scope Settings When Updating an Existing Scope

Option 3: Task Settings

Frequently Asked Questions

 

Option 1: Account Settings

Note: Changing your account settings will affect the default setting for existing scopes and new scopes. However, you can update this setting for existing scopes and new scopes, which will override your account settings.

If you want to change the default settings for your account, use the account settings to enable or disable an evidence type. For example, if your organization stores evidence on an internal server, you can disable document uploads for your account. 

Follow the instructions below to change your default account setting for uploading links and documents.

  1. Navigate to Settings > Account Settings in the top-right corner of the page.
  2. On the View Account page, click the Account Settings tab. 
  3. Toggle the Document Upload Allowed and Link Allowed settings to enable or disable them. 
  4. Click the Save button in the bottom-right corner.

Back to top

 

Option 2: Scope Settings

Note: Scope settings override the account settings for enabling and disabling documents and links.

When you create new scopes or update existing scopes, the scope settings for submitting evidence default to match the account settings. If you want a scope's settings to differ from the account settings, you can change the scope's settings by using the instructions below. 

Change the Scope Settings When Creating a New Scope

  1. Navigate to ComplianceScopes from the left navigation panel.
  2. Click the Create Scope button.
  3. Use the drop-down menus under Link Allowed and Document Upload Allowed to select your preferred settings. 
  4. Click the Create button in the bottom-right corner.

For more information about creating scopes, please see KCM GRC: Getting Started with the Compliance Management Module

Back to top

 

Change the Scope Settings When Updating an Existing Scope

  1. Navigate to Compliance > Scopes from the left navigation panel. 
  2. Select a scope from the View All Scopes page.
  3. Click the Update button. 
  4. Use the drop-down menus under Link Allowed and Document Upload Allowed to select your preferred settings. 
  5. Click the Save button in the bottom-right corner.

Back to top

 

Option 3: Task Settings

When you create a task schedule, you can limit the types of evidence that a user can submit to satisfy a control. Follow the instructions below to change a control's task schedule settings for submitting evidence.

Note: The steps below describe how to navigate to a control task from the applicable scope. As an alternative, you can create tasks for controls in the Controls Library.
  1. Navigate to Compliance > Scopes from the left navigation panel. 
  2. Select a scope from the View All Scopes page.
  3. From the Controls tab, select a control. 
  4. From the Task Schedule tab on the View Control screen, click the Create Schedule button.
  5. Under Evidence Requirements, toggle the Require Link and Require Document Upload settings to enable or disable them. 
  6. Click the Schedule button.

For more information about creating tasks and task schedules, please see Working With Task Schedules for Controls

Back to top

 

Frequently Asked Questions (FAQs)

Below are some FAQs for limiting the types of evidence that users can submit. If you have additional questions, please submit a ticket to KCM Support

QuestionDo scope settings override account settings?

Answer: Yes. For example, if you allow document uploads in your Account Settings, but disable document uploads in a scope's settings, users cannot upload documents as evidence for tasks that are associated with that scope.

Question: Do task settings override scope settings? 

Answer: No. If you limit the types of evidence that users can submit in a scope's settings, you cannot change this setting when you create a task schedule. For example, if you disable document uploads for a scope, you cannot enable document uploads when you create a task schedule. However, if you do not limit the types of evidence that users can upload in a scope's settings, you can limit the types of evidence that users can submit when you create a task schedule.

Question: If a control is mapped to two scopes that have conflicting settings, what happens?

Answer: The enabled setting will override the disabled setting. For example, if one scope enables uploading documents and the other scope disables uploading documents, users can upload documents for that control. 

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles