Controls management and assessments are critical for properly managing a complete information security program. Similarly, evidence collection, management, and approval is vital for proper control based security governance programs in any organization. In Ignyte, the Evidence Collector Bot enables users to generate and send links, securely and conveniently, to collect and store evidence directly into the pre-designed document management structure for real-time workflow-based complex controls assessments.

Highlights

  • Send evidence request email directly from Ignyte.
  • Collect uploaded evidence at specified locations directly into Ignyte’s Document Management.
  • Automatically connect and correlate incoming evidence to any control structure (NIST, ISO, PCI, and/or custom).
  • Have senders fill in the basic information for evidence identification and control correlation before upload.
  • Set the upload URL specific expiration date, domain whitelisting, size restrictions, and the number of files.
  • Send multiple requests to multiple users for evidence collection.
  • Upload evidence from any desktop, mobile device, or tablet.
  • Get customizable email notifications when evidence is uploaded and approved.
  • Get reporting and log for each evidence request.
  • Set repeating requests based on custom frequencies (i.e. daily, weekly, monthly, or annually).
  • Review each piece of evidence for quality and approve proof through a dynamic workflow engine.
  • Maintain traceability and audit trail of collected evidence.
  • Organize all incoming evidence into a folder structure, controlled environment, and organizational hierarchy.
  • Allow the inheritability of approved evidence into various controls assessments and different layers of the organization.
  • Automatically add evidence due date on the requester’s calendar.
  • Add optional helpful custom content on each evidence request to guide users.

What does it mean for you and your governance teams?

Collecting controls based evidence documents using traditional emails has many drawbacks. Email lacks required security for evidence collection and doesn’t allow for proper traceability of evidence. Emails can be easily missed, have attachment size limitations, and can be marked as spam or buried under the daily email overload. Compounded by additional steps of saving the attachments to a proper location so it can be shared. The entire process is inherently error-prone and time-consuming.

Evidence Collector Bot is an RPA based productivity booster within the Ignyte platform created to collect documents securely from individuals outside or within your organization. Customizable controlled security options such as SSL connections, domain restrictions, and expiry dates to ensure that your documents will be imported securely and within the specified time frame. The ability to customize evidence collection security settings further allows you to manage usability and experience concerns often encountered by security teams.

Common Evidence Collection Scenario:

For example, you need to collect controls based evidence from various users within one or more organizations regularly. Wouldn’t it be nice to have a secure and easy way for your users to upload evidence so that you receive them in your pre-established controls environment without having to go through the hassles of emails and attachments? With Ignyte’s Evidence Collector Bot, you can create requests with your specifications and send a secure link to your users. Your user clicks on a link and uploads their evidence using their desktop computers or mobile devices. The uploaded documents are stored in specific folders in Ignyte connected to the controls environment, and you receive an email notification informing you about the details instantly. And that’s not all. You can create unlimited requests for different types of evidence or for different users – the choice is yours.

This fast and secure method of receiving controls based evidence directly into Ignyte boosts productivity, enhances collaboration, and improves evidence processing.