Working with Tasks for Controls

In KCM GRC, you can create tasks for controls to help you manage your ongoing compliance and risk management efforts. As a best practice, we recommend that you create recurring tasks for your controls, but you can also create one-time tasks for your controls. Then, you can assign tasks to users in your organization so the users can submit evidence for your controls.

See the sections below to learn how to create and work with tasks.

Jump to:

Prerequisites for Completing Tasks

Working with One-Time Tasks

• Creating a One-Time Task

Working with Recurring Tasks

• Creating a Recurring Task
• When Do Recurring Tasks Become Active?
• Recurring Task Frequencies

Working with Tasks that Use Effective Date Range (EDR)

• Creating a Task That Uses EDR
• When Do EDR Tasks Become Active?
• EDR Task Frequencies

Prerequisites for Creating Tasks

Before you create tasks for your controls, you will need to complete the actions listed below:

1. Either create controls for our scoped requirements or risks, or map existing controls to your scoped requirements or risks. For more information, see our How to Create Controls from Scoped Requirements and How to Create and Map Risk Controls articles.
2. Create user accounts for the individuals in your organization who will be responsible for completing or approving control tasks. When you create user accounts, you can assign user roles to the user accounts based on the responsibilities you would like to give to each user. For example, if a user will only be responsible for completing tasks, you would assign the Contributor user role to that user. For more information, see our How to Create and Manage KCM GRC User Accounts and User Roles Guide articles.
3. Make sure your users have confirmed their user accounts.

Back to top

Working with One-Time Tasks

One-time tasks will only occur once and have a specified due date. You can create one-time tasks for situational tasks or tasks that only need to be completed as needed. For example, if an unexpected incident occurs outside of a control's recurring task, you can create a one-time task for the incident. After you create a one-time task, the task will immediately become active in your account, regardless of the task's start date.

See the subsections below to learn how to create a one-time task.

Back to top

Creating a One-Time Task

To create a one-time task, follow the steps below:

1. In your KCM GRC platform, select the Controls tab from your navigation panel.
2. In the Name column, select a control. When you select a control, you'll be taken to the View Control page, and the Recurring Tasks subtab will automatically be selected.
3. From the Recurring Tasks subtab, click the Create Task button.
4. Fill out the fields on the Create Task page. For more information, see the screenshot and list below:
   1. Select Integration: Select an integration to use for the task, or select None. If you select an integration, the fields below will change. For more information, see our KCM GRC Integrations article.
   2. Task Name: By default, the control name will display in this field. You can change the Task Name if you would like for the name to be specific to the task. The character limit for this field is 255 characters
   3. Task Description: By default, the control description will display in this field. You can change the Task Description if you would like for the description to be specific to this task. The character limit for this field is 10,000 characters.
   4. User Assigned: Select the name of the user who will be responsible for completing the task. This user will receive task reminder email notifications from KCM GRC. For more information about task notifications, see the Control Task Notifications section of our Email Notifications and the Email Digest article.
      Note: If a user group is assigned to the control that the task was created for, only members of that user group will display in this drop-down menu. To learn more about user groups, see our How to Work with User Groups article.
   5. Evidence Requirements: Select the type of evidence that you would like the user to submit. For more information, see the list below:
      • If evidence is not required for the task, select No Evidence.
      • To give the user the option to submit a link or upload a file as evidence, select Document and Link.
      • To only give the user the option to submit a link as evidence, select Link.
      • To only give the user the option to upload a file as evidence, select Document.
        Note: You may not have one of the evidence requirements listed above if you've restricted the evidence that is allowed for the scope or your account. For more information, see our How Can I Limit the Types of Evidence That Users Can Submit? article.
   6. Task Frequency: Select One Time.
   7. Due Date: From the calendar, select a due date for the task. The task evidence should be submitted on or before this date. For one-time tasks, the due date also determines the task's start date and end date.
      Tip: You can select any date in the future. To select a year, click the month and year link at the top of the calendar, click the current year in the pop-up window, and then select a year from the list. To select a month, click the month and year link at the top of the calendar, and then select a month from the list (click to view).

      ×

      Task Due Date Calendar

      

      Close
   8. Approving Manager (Optional): Select the name of the user who will be responsible for approving the task evidence before the task can be closed. This user will receive an email notification when the task is ready for their approval. For more information, see our How to Monitor and Approve Tasks article.
   9. Second-level Approving Manager (Optional): Select the name of the user who will be responsible for approving the task evidence after the Approving Manager. This user will receive an email notification when the task is ready for their approval. For more information, see our How to Monitor and Approve Tasks article.
5. Click the Create button to save the task.

Back to top

Working with Recurring Tasks

In most situations, we recommend that you create recurring tasks instead of one-time tasks or tasks that use Effective Date Range (EDR). When you create recurring tasks, the task will automatically recur based on the frequency that you select.

See the subsections below to learn about creating a recurring tasks, when tasks become active in your account, and task frequencies.

Back to top

Creating a Recurring Task

To create a recurring task, follow the steps below:

1. In your KCM GRC platform, select the Controls tab from your navigation panel.
2. In the Name column, select a control. When you select a control, you'll be taken to the View Control page, and the Recurring Tasks subtab will automatically be selected.
3. From the Recurring Tasks subtab, click the Create Task button.
4. Fill out the fields in the Create Task pop-up window that opens. For more information, see the screenshot and list below:
   1. Select Integration: Select an integration to use for the task, or select None. If you select an integration, the fields below will change. For more information, see our KCM GRC Integrations article.
   2. Task Name: By default, the control name will display in this field. You can edit the Task Name if you would like for the name to be specific to the task. The character limit for this field is 255 characters.
   3. Task Description: By default, the control description will display in this field. You can edit the Task Description if you would like the description to be specific to this task. The character limit for this field is 10,000 characters
   4. User Assigned: Select the name of the user who will be responsible for completing the task. This user will receive task reminder email notifications from KCM GRC. For more information about task notifications, see the Control Task Notifications section of our Email Notifications and the Email Digest article.
      Note: If a user group is assigned to the control that the task was created for, only members of that user group will display in this drop-down menu. To learn more about user groups, see our How to Work with User Groups article.
   5. Evidence Requirements: Select the type of evidence that you would like the user to submit. For more information, see the list below:
      • If evidence is not required for the task, select No Evidence.
      • To give the user the option to submit a link or upload a file as evidence, select Document and Link.
      • To only give the user the option to submit a link as evidence, select Link.
      • To only give the user the option to upload a file as evidence, select Document.
        Note: You may not have one of the evidence requirements listed above if you've restricted the evidence that is allowed for the scope or your account. For more information, see our How Can I Limit the Types of Evidence That Users Can Submit? article.
   6. Task Frequency: Select how often the task will occur. You can select a frequency based on how often your organization needs to submit evidence for the control. For more information about task frequencies, see the Recurring Task Frequencies section below.
   7. Due Date: From the calendar, select a due date for the first recurring task. For each task after this task, the start date, end date, and due date will share the same date. For more information, see the Recurring Task Frequencies section below.
      Tip: You can select any date in the future. To select a year, click the month and year link at the top of the calendar, click the current year in the pop-up window, and then select a year from the list. To select a month, click the month and year link at the top of the calendar, and then select a month from the list (click to view).

      ×

      Task Due Date Calendar

      

      Close
   8. Approving Manager (Optional): Select the name of the user who will be responsible for approving the task evidence before the task can be closed. This user will receive an email notification when the task is ready for their approval. For more information, see our How to Monitor and Approve Tasks article.
   9. Second-level Approving Manager (Optional): Select the name of the user who will be responsible for approving the task evidence after the Approving Manager. This user will receive an email notification when the task is ready for their approval. For more information, see our How to Monitor and Approve Tasks article.
5. Click the Create button to save the task.

Back to top

When Do Recurring Tasks Become Active in My Account?

When you create a recurring task, the task will immediately display under the Recurring Tasks subtab of the View Control page. The first recurring task will become active in your account after you create the task. This task will display in the All Tasks subtab of the View Control page. You can also view this task from the Tasks page.

After the first task, the following tasks will become active the day after the previous task's end date. Then, each task will display in the All Tasks subtab of the View Control page and on the Tasks page when it becomes active. To learn more about the start and ends dates, see the Recurring Task Frequencies section below.

Back to top

Recurring Task Frequencies

When you create a recurring task, you can select a frequency from the Task Frequency drop-down menu. The frequency will determine how often the task recurs.

To learn how the different task frequencies work, see the table below:

Back to top

Working with Tasks That Use Effective Date Range (EDR)

Tasks that use Effective Date Range (EDR) are like normal tasks. However, we typically only recommend using EDR if the task only covers a specific date range. For example, if the evidence that the user submits is only effective for one week and will require new evidence each week, you could use EDR for the task. Tasks that use EDR also have a set time period that users can submit evidence after each task's end date.

See the sections below to learn about creating a task that uses EDR, when EDR tasks become active in your account, and EDR task frequencies.

Back to top

Creating a Task That Uses EDR

To create a task that uses EDR, follow the steps below:

1. In your KCM GRC platform, select the Controls tab from your navigation panel.
2. In the Name column, select a control. When you select a control, you'll be taken to the View Control page, and the Recurring Tasks subtab will automatically be selected.
3. From the Recurring Tasks subtab, click the Create Task button.
4. In the Create Task pop-up window that opens, enable the Use Effective Date Range option.
   Note: This option will be unavailable if Effective Date Range is disabled under your Account Settings. For more information, see our How to Manage Your KCM GRC Account Settings article.
5. Fill out the fields on the Create Task page. For information about the fields that EDR will affect, see the screenshot and list below. For information about the remaining fields, see the Creating a Recurring Task section above.
   1. Task Frequency: Select the frequency for the task, which will affect how often the task will occur and the date range when users should submit evidence. For example, if you select the Monthly frequency and set a start date of July 7, 2022, the task will be open from July 7, 2022 until August 7, 2022, and the next task will also begin on August 7, 2022. In this example, the User Assigned should submit evidence between July 7, 2022 and August 7, 2022. For more information about the task frequency, see the EDR Task Frequencies section below.
   2. Start Date: From the calendar, select the date that the task will start. Together, the task's Start Date and Task Frequency will determine the end date for the task. If you select a frequency other than One Time, the first task's end date will be the start date for the next task. For more information, see the EDR Task Frequencies section below.
      Tip: You can select any date in the future. To select a year, click the month and year link at the top of the calendar, click the current year in the pop-up window, and then select a year from the list. To select a month, click the month and year link at the top of the calendar, and then select a month from the list (click to view).

      ×

      EDR Due Date Calendar

      

      Close
   3. Due After: Select the length of time that the user will be able to submit evidence after the task's end date. If the task is recurring, this length of time will apply to each task and will their due dates. For more information, see the EDR Task Frequencies section below.
6. Click the Create button to save the task.

Back to top

When Do EDR Tasks Become Active?

When you create a task that uses EDR, the task will immediately display under the Recurring Tasks subtab of the View Control page. However, the task will not be active in your account until the task's start date. Then, this task will display in the All Tasks subtab of the View Control page and on the Tasks page.

If the task is recurring, the tasks after the first task will become active on their start date. Then, each task will display in the All Tasks subtab of the View Control page and on the Tasks page when it becomes active.

Back to top

EDR Task Frequencies

When you create a task that uses EDR, you can select a frequency from the Task Frequency drop-down menu. The frequency will determine how often the tasks recur.

To learn how the different task frequencies work, see the table below:

Back to top