Cybernance enables companies to 1) assess their cyber risk and resilience capabilities with an automated assessment, and 2) continuously improve their score by taking action with prioritized projects. The mechanisms that drive these processes – called “Questions” and “Actions” are both built with a workflow that aids in collaboration.
To start using Cybernance, selected users are assigned sets of Questions. Each Question can be “reassigned” to other users who may be better equipped to answer the question based on their role or expertise. This reassignment method can continue indefinitely – there is no limit to the number of users who can participate and collaborate in the assessment process. Cybernance keeps an audit trail of “handoffs” that displays the names and timestamps of users who have owned the question over time.
Similarly, users are assigned “Actions” that specify projects based on the outcome of the assessment. These projects are assigned to a user who may want to delegate the project to another owner. The same way that Questions can be reassigned, so can Actions.
This workflow method is an easy way for assignments to find their natural owner, and for managers to monitor where assignments have been delegated. Because all information is preserved, the workflow methods also provide a detailed audit trail that can be used to understand communication flows, hidden hierarchies, and overburdened employees.