CCS Assessment Manager (CCS AM) helps you assess your organization's IT and non-IT compliance posture by using quiz-based assessments. The CCS AM assessments are based on OCIL-compliant questionnaires that are created or imported by the CCS AM administrators, who then distribute the assessments amongst the attesters.
Following are the primary benefits of the CCS Assessment Manager:
OCIL-compliant data format
Provides creation and import of OCIL-compliant questionnaires.
Light-weight, Web-based clients for CCS Assessment Manager administrators and attesters.
Lets you perform the assessment-related operations by using the browser-based UIs.
Structured approach and a proven methodology
Standardizes the assessment process for the more effective corporate-wide assessments.
CCS Assessment Manager is available in the following languages:
Weight capability emphasizes the severity of the answers
Lets you assign weightage to an answer to obtain more accurate business relevant data.
Faster turnaround times
Increases the productivity gains.
Easy import functionality
Facilitates the integration of questionnaires and provides a comprehensive assessment management library to support the business objectives.
Following are the primary features of the CCS Assessment Manager:
Review and publish questionnaires
Lets you review a questionnaire from the Admin Web portal and then publish the questionnaire. A questionnaire becomes available for assessments when it is in 'Published' state.
A comprehensive library provides a matrix of questionnaires to address many regulations and best practices.
Lets you delegate an assessment to other CCS Assessment Manager users. Assessment delegation is possible only in asset compliance assessments.
Lets you assign specific sections of an assessment to CCS Assessment Manager users. Only CCS AM administrators can assign sections to users during assessment creation. Section delegation is possible only in asset compliance assessments.
Accept or resend an assessment response
Lets you accept a response or reassign it to the attester if the response is not appropriate. The option to accept or resend an assessment is available only in asset compliance assessments.
Lets you specify the date and time to assign an assessment to the attesters.
Lets you aggregate attester responses before you submit the assessment.
CCS Assessment Manager has a role-based distribution of user operations. Each role includes a set of permissions that enables you to perform various functions. With the appropriate permissions, you can create or import questionnaires, provide answers to the questionnaires, collect the user responses, and generate reports.
The roles in CCS AM are as follows:
CCS AM Administrators
CCS AM Power Users
CCS AM end-users
CCS Assessment Manager uses the following two types of assessments to gather information about the organization's current compliance posture:
An asset compliance assessment lets you collect attester responses and evidences to assess compliance for procedural controls based on regulatory mandates, policies, or risk objectives.
You must have Control Compliance Suite 11.0 with Product Update 2013-2 (11.0.10300) installed if you want to carry out asset compliance assessments. Additionally, you must configure the CCS settings in the CCS Assessment Manager console.
A user assessment lets you collect responses from the end-users in your organization for non-IT assessments. A user assessment typically comprises quiz-based questionnaires and lets you assess the attesters based on the individual scores.
You do not have to integrate with Control Compliance Suite to initiate user assessments.
A CCS Assessment Manager administrator can login to the Admin Web client and view the list of assessments that have been assigned to the attesters. The administrator collects the attester responses for user assessments and asset compliance assessments. The administrator can also view the supporting documents and other evidences that the attester attaches with the response.
A CCS Assessment Manager administrator can generate reports after the collection user responses and export the reports for a graphical representation of the information.
With CCS Assessment Manager, you can generate and view operational reports for the assessments that you have initiated. You can also export the report to a .xls file.
After response collection, the administrator can have a holistic view of the organization's compliance posture and decide on the required course of action. The CCS AM administrator can view the reports for each assessment, which lets the administrator drill down to the specific response by using the Web interface. Attached evidence documents help the administrator better understand the attester response. In case of asset compliance assessments, the administrator can create reports and dashboards by using the CCS Reporting and Analytics infrastructure. The CCS AM administrator can drill-down by using the links in a report and view the response of the attesters as evidence.
Imported Document ID: HOWTO84238
Subscribing will provide email updates when this Article is updated. Login is required.