Fallmanagement-Einstellungen/en: Unterschied zwischen den Versionen
Aus HITGuard User Guide
Weitere Optionen
Faha (Diskussion | Beiträge) Die Seite wurde neu angelegt: „Under "Case Management → Settings", experts can configure case management and create period definitions for reports.“ |
Isan (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
||
| (65 dazwischenliegende Versionen von 3 Benutzern werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
In "Case Management → Settings", experts can configure the case management and create period definitions for ticket. | |||
[[Datei:CM Einstellungen.png|left|thumb|900px| | [[Datei:CM Einstellungen.png|left|thumb|900px|Case management settings]] | ||
<br clear=all> | <br clear=all> | ||
__TOC__ | __TOC__ | ||
== | <span id="Einstellungen"></span> | ||
== Settings == | |||
<u> | <u>Category and description</u>. | ||
: | :In general, a case management system (also called an incident management system) can be used for a variety of purposes. Possible use cases are: | ||
:* | :*for recording information security incidents, | ||
:* | :*for data breach management, | ||
:* | :*as a whistleblower system according to EU Directive 2019/1937, | ||
:* | :*and much more. | ||
: | :If multiple case management systems are in use, the user is offered a selection of the category in which the ticket should be added when creating a new ticket. For this purpose, the categories of the case management systems are listed in a selection list and when a selection is made, the description of the category is displayed. Based on this information, the user should be able to decide for themselves in which system the ticket should be added. | ||
<u> | <u>Support team</u>. | ||
: | :The support team is used to ensure that no tickets are overlooked. The team entered here will be set as the support team by default for all incoming tickets. The team members will be informed about new tickets via e-mail. In addition, the members of this team receive the reminder e-mails that arise from the assigned periods for the tickets until a specifically selected expert takes over the processing of the ticket. | ||
<u> | <u>Provide whistleblower system</u> | ||
: | :If the option <b>"Provide whistleblower system</b> is activated, the case management system acts as a whistleblower system. If, additionally, the option "Anonymous ticket possible" is selected, it is a whistleblower system according to EU Directive 2019/1937. Tickets from whistleblowers can thus be created and reported anonymously. In Germany, because of HinSchG § 16 (1), it is not mandatory to provide reporting channels enabling anonymous reporting. This is why the option "Only named tickets possible" is available.<br><br> | ||
:If this option is activated for multiple case management systems, an anonymous whistleblower can select the category for which the whistleblowing should take place from a selection list. The reachability of the whistleblower system can be configured, more on this [[Special:MyLanguage/Hinweisgebersystem|here]]. | |||
<u> | <u>Default case management system:</u> | ||
: | :If multiple case management systems are enabled, one can be selected as the <b>"default case management system"</b>. This will result in it being the first system displayed when a new ticket is created by a whistleblower. | ||
<u>Additional information:</u> | |||
:These options can enable anonymous reporters and creators of tickets in HITGuard to provide additional information on the incident. This information is also part of the case management reports. | |||
[[Datei:CM Einstellungen | <u>Anonymization behavior:</u> | ||
:These options determine whether messages and reporters should be anonymized after a ticket is completed. | |||
:* Hide message content: This option hides message texts from the reporter when the ticket is closed. | |||
:* Anonymization of reporters from the whistleblower system (only if anonymous tickets are enabled): This option removes the name and contact details an anonymous reporter can leave when the ticket is closed. | |||
<u>Deletion behavior:</u> | |||
:These options determine whether closed tickets and dossiers are deleted from HITGuard. | |||
:*Automatic deletion of tickets and dossiers after X years: If this option is selected, tickets and dossiers in the state "Closed" are irreversably deleted from HITGuard after the defined number of years. Dossiers that were returned to the state "In progress" after closing are not affected by this. | |||
:*Delete log data of deleted tickets and dossiers after X years: This option controls when the corresponding log entries are deleted from the database. | |||
:<u>Note:</u> The automatic deletion also affects reports generated for individual tickets or dossiers, the links to measures, controls, and risks, as well as uploaded attachments. Reports with multiple selection (reports on multiple tickets or dossiers) are not automatically deleted. | |||
[[Datei:CM Einstellungen Bearbeiten.png|left|thumb|900px|Edit settings]] | |||
<br clear=all> | <br clear=all> | ||
== <span id="cm_fristdef"></span> | <span id="Fristdefinitionen"></span> | ||
== <span id="cm_fristdef"></span> Period definitions == | |||
Period definitions are used as a template to assign periods to tickets and their messages. | |||
The periods then use their reminders to ensure that the processor or support team is reminded to adhere to the periods. | |||
[[Datei: | [[Datei:M_Einstellungen_Fristen.png|left|thumb|900px|Period definitions]] | ||
<br clear=all> | <br clear=all> | ||
=== | <span id="Fristdefinition_erstellen/bearbeiten"></span> | ||
=== Create/edit period definition === | |||
To create a period definition, click the "Plus" button in the overview. | |||
For example, a period for replying to a message (reply period) and a period for processing a ticket (processing period) can be created. | |||
The period of time determines within which time the ticket should/must be handled. | |||
Periods can be assigned to tickets automatically. | |||
* When ticket is received: The period is automatically assigned to the <b>first</b> message of a ticket. The period is not assigned to messages/replies arriving after that. | |||
Periods can not be deleted, but they can be deactivated. They are then no longer eligible and are also not automatically assigned. | |||
To edit, the desired period definition can be opened by double-clicking on it. | |||
Any number of reminders can be created for a period. If a reminder is due, a reminder e-mail is sent to the responsible person(s). If no responsible person is registered, the reminder e-mail will be sent to the registered support team. | |||
<b>Behavior when changing a period's duration</b>. | |||
* Existing periods will not be updated to the new period duration. If you want to have the new deadline, you must first delete the existing period and create a new one. | |||
[[Datei:CM Fristendefinitionen bearbeiten. | [[Datei:CM Fristendefinitionen bearbeiten.png|left|thumb|900px|Edit period definition]] | ||
<br clear=all> | <br clear=all> | ||
Aktuelle Version vom 3. Dezember 2024, 16:00 Uhr
In "Case Management → Settings", experts can configure the case management and create period definitions for ticket.
Settings
Category and description.
- In general, a case management system (also called an incident management system) can be used for a variety of purposes. Possible use cases are:
- for recording information security incidents,
- for data breach management,
- as a whistleblower system according to EU Directive 2019/1937,
- and much more.
- If multiple case management systems are in use, the user is offered a selection of the category in which the ticket should be added when creating a new ticket. For this purpose, the categories of the case management systems are listed in a selection list and when a selection is made, the description of the category is displayed. Based on this information, the user should be able to decide for themselves in which system the ticket should be added.
Support team.
- The support team is used to ensure that no tickets are overlooked. The team entered here will be set as the support team by default for all incoming tickets. The team members will be informed about new tickets via e-mail. In addition, the members of this team receive the reminder e-mails that arise from the assigned periods for the tickets until a specifically selected expert takes over the processing of the ticket.
Provide whistleblower system
- If the option "Provide whistleblower system is activated, the case management system acts as a whistleblower system. If, additionally, the option "Anonymous ticket possible" is selected, it is a whistleblower system according to EU Directive 2019/1937. Tickets from whistleblowers can thus be created and reported anonymously. In Germany, because of HinSchG § 16 (1), it is not mandatory to provide reporting channels enabling anonymous reporting. This is why the option "Only named tickets possible" is available.
- If this option is activated for multiple case management systems, an anonymous whistleblower can select the category for which the whistleblowing should take place from a selection list. The reachability of the whistleblower system can be configured, more on this here.
Default case management system:
- If multiple case management systems are enabled, one can be selected as the "default case management system". This will result in it being the first system displayed when a new ticket is created by a whistleblower.
Additional information:
- These options can enable anonymous reporters and creators of tickets in HITGuard to provide additional information on the incident. This information is also part of the case management reports.
Anonymization behavior:
- These options determine whether messages and reporters should be anonymized after a ticket is completed.
- Hide message content: This option hides message texts from the reporter when the ticket is closed.
- Anonymization of reporters from the whistleblower system (only if anonymous tickets are enabled): This option removes the name and contact details an anonymous reporter can leave when the ticket is closed.
Deletion behavior:
- These options determine whether closed tickets and dossiers are deleted from HITGuard.
- Automatic deletion of tickets and dossiers after X years: If this option is selected, tickets and dossiers in the state "Closed" are irreversably deleted from HITGuard after the defined number of years. Dossiers that were returned to the state "In progress" after closing are not affected by this.
- Delete log data of deleted tickets and dossiers after X years: This option controls when the corresponding log entries are deleted from the database.
- Note: The automatic deletion also affects reports generated for individual tickets or dossiers, the links to measures, controls, and risks, as well as uploaded attachments. Reports with multiple selection (reports on multiple tickets or dossiers) are not automatically deleted.
Period definitions
Period definitions are used as a template to assign periods to tickets and their messages.
The periods then use their reminders to ensure that the processor or support team is reminded to adhere to the periods.
Create/edit period definition
To create a period definition, click the "Plus" button in the overview.
For example, a period for replying to a message (reply period) and a period for processing a ticket (processing period) can be created.
The period of time determines within which time the ticket should/must be handled.
Periods can be assigned to tickets automatically.
- When ticket is received: The period is automatically assigned to the first message of a ticket. The period is not assigned to messages/replies arriving after that.
Periods can not be deleted, but they can be deactivated. They are then no longer eligible and are also not automatically assigned.
To edit, the desired period definition can be opened by double-clicking on it.
Any number of reminders can be created for a period. If a reminder is due, a reminder e-mail is sent to the responsible person(s). If no responsible person is registered, the reminder e-mail will be sent to the registered support team.
Behavior when changing a period's duration.
- Existing periods will not be updated to the new period duration. If you want to have the new deadline, you must first delete the existing period and create a new one.
