It is possible to assign one or more functions to a user. But what is it for and how do you use it?
Summary
2. Where to find and define the functions?
3. How to use functions in evaluations?
3.1.Assignment of functions to users and groups
3.2. Linking functions to policies controls
4. Use of the function in an evaluation
1. What is a fonction?
The function allows, as its name suggests, to associate the user with his function in the company.
These functions will be particularly useful during evaluation campaigns: it is common to have in a general policy measures that concern IT, but also HR, Legal, Communication, etc. They make it possible to distribute the different controls of a policy between these different populations.
2. Where to find and define the functions?
The functions can be found in: ⚙️Wheel > Functions
- To create a function: "Add a function" button.
- To modify a function, for example change the associated users and groups: click on the corresponding line and modify the parameters.
3. How to use functions in evaluations?
3.1. Assignment of functions to users and groups
You can assign users and groups directly in the "Functions" tab, as seen above.
You can also assign a function to a user in the ⚙️Wheel > Users > Click on the user concerned > "Functions" field.
3.2. Linking functions to policies controls
⚠️ It is possible to associate functions with private policy controls only.
To link a function to a control:
🔎 The association is made for each control.
1. Policies tab > "Manage all policies" button > Click on the chosen policy.
2. Click on the "Modify" icon at the end of the line > "Functions" field: associate 1 or more functions.
4. Use of the function in an evaluation
🔎 During an evaluation on the policy, only the following controls are presented to a user:
- Those that have no associated function
- Those whose user has the associated function (directly or via a group of which the user is a member).
Example of evaluation with functions
In my "Statement of Applicability" policy, I have associated measures 5.1.1, 5.1.2, 9.1.1, 9.2.3, 9.2.5, 12.2.1, 12.3.1 (in yellow) to the function "Business" and other measures to the HR function.
My user profile is associated with the business function (Identifier "_BUSI")
In the evaluation on the "Statement of applicability" policy, I only see the metrics associated with the business function (those highlighted in yellow above).