Consolidating Evidence, Document, and Policy management

Trying to get documentation into KCM is scattered across multiple areas and can be confusing and frustrating to properly maintain:

• "Documents" can only be uploaded/linked to a Control, which then appear under the main "Documents" section
• "Evidence" will only appear within the Control if it was uploaded/linked to a Task associated with that Control
• Documents uploaded to a Control cannot be used as Evidence for that Control's Task
• "Policy Management" only allows uploading policies, and you are directed to the "Documents" section to edit them
• The "All" tab of Policy Management doesn't discern between what kind of document each one is, only the Name, Date, and possible Actions are shown
• Any policies uploaded cannot be used as either Documents or Evidence
• While both Documents and Evidence are visible in the "Documents" section, you can only edit existing items rather than upload items
• You must also upload/link the same file multiple times if it applies to multiple Controls, Requirements, and/or Tasks, rather than uploading it once and linking it to multiple Compliance items

Rather than going into each Control, uploading documents/links to Support Evidence, then repeating for each Control, I would much prefer to upload and/or link all of our existing documentation, evidence, and policies under the "Documents" section, then connect them to the appropriate item.

For PCI, a single policy can apply to multiple controls, so we wind up uploading the same policy multiple times as Evidence; our "Network Security Policy" appears 13 times under Documents > Evidence.

Uploading documents should be a "one and done", then allowing us to link that particular file to the necessary Compliance item.