As an administrator, you create an assessment by using an existing questionnaire and sending it to the attesters for response collection.
A CCS Assessment Manager assessment can be of the following two types:
Asset compliance assessment
An asset compliance assessment lets you collect attester responses and evidences to assess compliance for procedural controls based on regulatory mandates, policies, or risk objectives. You can further delegate a user assessment and then compile the responses to create reports.
An asset compliance assessment uses the assets in the CCS asset system. To create an asset compliance assessment, you must configure the CCS settings from the CCS Assessment Manager console.
A user assessment lets you collect responses from the end-users in your organization for non-IT assessments. A user assessment typically comprises quiz-based questionnaires and lets you assess the attesters based on the individual scores. You cannot delegate a user assessment.
The assessment creation procedure also includes the following aspects of the CCS Assessment Manager assessments:
Specifying the CCS assets that you want the assessment to scope, in case of an asset compliance assessment.
Editing attesters based on the current asset ownerships.
Assign specific sections of the questionnaire to selected attesters.
Attaching prerequisite documents or URLs for the attesters. This is an optional step.
Specifying the scoring criteria for user assessments.
Configuring notifications and selecting the email template for the notifications.