Page Comparison

Overview

ZenGRC provides a risk management workflow that automatically triggers the ability to create tasks between certain risk statuses. These tasks contain information pre-filled from customized templates maintained by your organization. These tasks can be used as follows:

• To gather feedback and promote awareness between risk stakeholders.
• To describe the work that needs to be done for the appropriate assignee.
• Or, they can simply be canceled without creating the task.
  
  

How it Works

The ability to create tasks between certain risk statuses is activated after a risk is placed in an Assessed status. Task details are automatically populated based on templates with pre-defined content that depends on the risk status being suggested in the workflow. 

A new task displays when the risk is transferred between the following statuses:

• Assessed → Accepting

• Assessed → Transferring

• Assessed → Avoiding

• Remediate → In remediation

• In Remediation → Accepting
• In Remediation → Transferring
• In Remediation → Avoiding

The following graphic places a green dot between the statuses where the task templates display. This is portion of the screenshot found on A larger version of the workflow with all risk statuses is available at Risk Management Statuses.

Task Templates

Six fields in the task can be pre-populated from the task templates. Those fields include the following:

• Title
• Description
• Assignees
• Reviewers
• Verifiers
• Related object. This is a locked field that automatically maps the task to the active risk object.

The Title and Description fields can hold variables listed at the top of the page. The variables act as a connection between the active object and the input fields. They can be used to simplify the linking, reduce mistakes, and avoid typos.

The three variables include:

• %object% - Used only in the related object field to link to the actual object.
• %object_title% - Used to populate the field with the active object's title.
• %object_description% - Used to populate the field with the object's description.

Setting up the Task Templates

The task templates contain text determined by ZenGRC experts. However, it can be altered to suit your organization's needs.

To review or alter templates, complete the following steps:

1. Click Settings | Risk Settings.
2. Select the Tasks tab. The Accept - Task Template is listed first, with additional templates below.
   
   
   
   
3. The Accept - Task Template is listed first. Continue scrolling down to alter additional templates. 
   
   
   
   
4. By placing the variable called %object% in the Title field, the name of the risk will automatically populate in its place when saved.

Utilizing Tasks in the Risk Workflow

When a risk is in the Assessed status, the task workflow templates come into play as follows:

1. Click System of Record | Risks and select the applicable risk. 
2. Click I want to. . .  and select one of the statuses. 
   
   
   
   
3. A new task displays and is populated with information from the corresponding template. For example, the following screenshot pulls information from the Accept - Task Template.
   
   
   
   
4. Alter as needed and click Save.
5. Alternatively, click Cancel to close the dialog without creating a task, or click Save & Add Another to create additional tasks.