Evidence in KCM tasks must be downloaded for an auditor to view it. This violates our security policy, as we do not allow auditors to download our artifacts. Other platforms have an in-browser viewer, which enables auditor viewing and interacting with the evidence, without compromising our security policy with evidence downloads.
Our current workaround is to use links to another platform with the secure in-browser viewer, but it requires auditors to login to both KCM and the other platform.
Please sign in to leave a comment.